by Roel SchouwenbergEditor’s note: This story was reposted from Securelist.com.In an almost unprecedented event the Dutch minister of internal affairs gave a press conference at 1:15 AM Friday to Saturday night. He announced the Dutch government was revoking trust in Diginotar.
The same attacker who claimed to have compromised Comodo in March is now claiming responsibility for the attack on DigiNotar, the Dutch certificate authority that issued fraudulent certificates for several hundred domains in he last few weeks, including Google, Yahoo, Mozilla Add-Ons and several intelligence agencies. In the wake of the widening scandal, the Dutch government has performed an audit of the company’s CA business and browser vendors have revoked trust for the certificates DigiNotar issued for the Dutch government’s PKI.
A co-founder of The Tor Project says his organization is being kept in the dark about the status of a dozen fraudulent SSL certificates issued in its name by a compromised root server operated by Diginotar. The bogus certificates could be used to carry out man in the middle attacks, or trick unsuspecting Internet users into downloading a compromised version of the Tor anonymity software.
In the wake of what will likely go down as the biggest gaming failure since Virtual Boy, Sony chief executive, Howard Stringer claims the PlayStation Network is more secure than ever, according to a report from CNET.
One of the world’s largest advertising networks, YieldManager, has been serving ransomware to websites from all over the world. The malvertising campaign was first detected by Armorize’s HackAlert scanning farm.
Attackers have compromised a number of servers at kernel.org that house the Linux kernel source code and were able to modify a number of files and log user activity on the machines. However, it appears right now as though the Linux source code repositories were not affected by the attack.
There are more signs that a July compromise of DigiNotar, a certificate authority based in the Netherlands, may have been driven by political motives. A Dutch Web site, nu.nl, reported on Wednesday that digital certificates belonging to Mozilla, Yahoo.com, Wordpress and The Tor Project were among dozens reported stolen from DigiNotar.
Researchers at NSS Labs claim that they’ve spotted attacks that use Sipvicious, a common auditing tool for Voice over IP (VoIP) networks as part of malicious attacks aimed at taking control of vulnerable VoIP servers. The attacks are apparently aimed at taking control of VoIP servers to place unauthorized calls.
Mozilla has released version 6.01 of its Firefox browser, which now removes the compromised DigiNotar root certificate from the list of trusted roots. The move comes just two days after security researchers discovered that the Dutch company had issued a valid wildcard certificate for Google to an unknown third party.
There is a new version of the Apache Web Server available that fixes the recently disclosed range header denial-of-service vulnerability. Apache 2.2.20 is was released Tuesday and the new content mostly comprises the bug fix.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
