Certificate hacker probably paid by Iran, say victimized firms

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/s/article/9219930/Certificate_hacker_probably_paid_by_Iran_say_victimized_firms

By Gregg Keizer
Computerworld
September 12, 2011

The CEO of a certificate-issuing company that was hacked in March is 
even more certain now that a wave of attacks against similar firms is 
backed by the Iranian government.

"I think even more so now than before," said Melih Abdulhayoglu, the CEO 
and founder of Comodo, a Jersey City, N.J.-based security company that 
is also one of hundreds of certificate authorities, or CAs, allowed to 
issue SSL (secure socket layer) certificates.

The certificates authenticate the identity of websites, to show, say, 
that Google is really Google.

Last March, after Comodo confirmed that its network had been breached 
and nine certificates stolen -- including ones for Google, Microsoft and 
Yahoo -- Abdulhayoglu said he believed the attacks came were backed by 
the Iranian government.

[...]


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/