Security News > 2011 > March > Firm points finger at Iran for SSL certificate theft
http://www.computerworld.com/s/article/9214998/Firm_points_finger_at_Iran_for_SSL_certificate_thefthttp://www.computerworld.com/s/article/9214998/Firm_points_finger_at_Iran_for_SSL_certificate_theft By Gregg Keizer Computerworld March 23, 2011 Iran may have been involved in an attack that resulted in hackers acquiring bogus digital certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo, a certificate issuing firm said today. The bogus certificates -- which are used to prove that a site is legitimate -- were acquired by attackers last week when they used a valid username and password to access an affiliate of Comodo, which issues SSL certificates through its UserTrust arm. Today, Comodo's CEO said his company believes the attack was state-sponsored and pointed a finger at Iran. "We believe these are politically motivated, state driven/funded attacks," said Melih Abdulhayoglu, the CEO and founder of Comodo, a Jersey City, N.J.-based security company that is also allowed to issue site certificates. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/