Web authentication authority suffers security breach

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2011/06/21/startssl_security_breach/

By Dan Goodin in San Francisco
The Register
21st June 2011

Yet another web authentication authority has been attacked by hackers 
intent on minting counterfeit certificates that would allow them to 
spoof the authenticated pages of high-profile sites.

Israel-based StartCom, which operates StartSSL suffered a security 
breach that occurred last Wednesday, the company said in a tersely 
worded advisory. The certificate authority, which is trusted by the 
Microsoft Internet Explorer, Google Chrome, and Mozilla Firefox browsers 
to vouch for the authenticity of sensitive websites, has suspended 
issuance of digital certificates and related services until further 
notice.

Eddy Nigg, StartCom's CTO and COO, told The Register that the attackers 
targeted many of the same websites targeted during a similar breach in 
March against certificate authority Comodo. The hackers in the earlier 
attack managed to forge certificates for seven addresses, including 
Google mail, www.google.com, login.yahoo.com, login.skype.com, 
addons.mozilla.com, and Microsoft's login.live.com.

The earlier breach touched off a frantic effort by the world's biggest 
browser makers to blacklist the counterfeit credentials before the 
hackers could use them to create spoof websites that contained a valid 
cryptographic stamp validating the sites' authenticity. It took more 
than a week for the fraudulent credentials to be blocked in all 
browsers, and even then, many widely used email programs still weren't 
updated.

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/