Breach link to Iranian government
DigiNotar, the Dutch company responsible for issuing security certificates that authenticate websites, has entered into bankruptcy. This come on the heels of of the company being taken over by the Dutch government earlier this month, after it was revealed that company's site had been hacked. It's believed that the hackers, linked to the Iranian government, issued over 500 fake certificates.
Leopard left out of updates
Apple has posted Security Update 2011-005, a new patch for OS X Lion and Snow Leopard. In each case the code is aimed at fixing just a single problem: fraudulent certificates issued by DigiNotar, a threat Microsoft dealt with on Wednesday. Apple notes that it has removed DigiNotar from the listed of trusted root and extended validation certificates. By default, OS X should now distrust any certificate connected to DigiNotar.
Microsoft addresses fake DigiNotar certificates
Microsoft has responded to the recently unveiled hack that saw DigiNotar issue fake security certificates for some high-profiles websites by issuing a patch on Tuesday. The patch only applies to affected versions of Windows Vista and is delivered through Internet Explorer. After the vulnerability was discovered on August 28, Microsoft released a security advisory on August 29 and removed the DigitNotar root certificate from the Microsoft Certificate Trust List.
DigiNotar hack tied to Iranian government
A Dutch web security firm that sells security certificates, DigiNotar, was hacked back in July and fake certificates were issued to websites such as the CIA, Google, Microsoft and Twitter. DigiNotar just acknowledged the attack last week. Now, the Dutch government has taken over the company. It's also believed that the hacker or hackers operated with the cooperation of the Iranian government.