Breach link to Iranian government

DigiNotar, the Dutch company responsible for issuing security certificates that authenticate websites, has entered into bankruptcy. This come on the heels of of the company being taken over by the Dutch government earlier this month, after it was revealed that company's site had been hacked. It's believed that the hackers, linked to the Iranian government, issued over 500 fake certificates.

The DigiNotar site was breached back in July. The company did not disclose the leak until late last month. The hackers issued fake certificates for several large organizations including the CIA, Google, Microsoft and Twitter.

Security certificates are used to authenticate websites and guarantee that communications between a browser and website are secure. Fake certificates can, in theory, be used for phishing attacks or to monitor communications without the user noticing.

Both Apple and Microsoft have responded to the situation. Apple has issued special patches for OS X Snow Leopard and Lion to remove DigiNotar from the list of trusted root and extended validation certificates. Microsoft has issued a security update that fixes the vulnerability in affected versions of Windows Vista and Internet Explorer.

VASCO, DigiNotar's parent company has reaffirmed that it its other businesses were not affected by the vulnerability and that its other operations will continue to function as normal. [via IT Pro]

By Electronista Staff

Post tools:

TAGS :  

security, Microsoft, Apple, DigiNotar