funsec mailing list archives
Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS]
From: "steve pirk [egrep]" <steve () pirk com>
Date: Sun, 5 Feb 2012 20:44:09 -0800
On Thu, Feb 2, 2012 at 20:15, Jeffrey Walton <noloader () gmail com> wrote:
On Thu, Feb 2, 2012 at 11:10 PM, Kyle Creyts <kyle.creyts () gmail com> wrote:"Management was informed of the incident in September 2011" pg 33, sect 2As I said: Alarming.
Further, there is no mention of risk potential for the SSL business whatsoever, despite numerous mentions of risk factors for the Registry Services business, not related to this attack.
I was born at night, but not last night. Well, Verisign did offload the SSL business to Symantec in August 2010, so that makes me think something happened. That was also around the time the Chinese (theoretically) hacked all those gmail accounts. I think it was later discovered that some sites had not processed CRLs correctly and still had old revoked certs for companies like Google. I am not saying any of the above is/was probable, but it sure is coincidental. If I find any incorrect statements above, I will fix them. I need to do some searching. -- steve pirk yensid "father... the sleeper has awakened..." paul atreides - dune
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Key Internet operator VeriSign hit by hackers [DNS] Jeffrey Walton (Feb 02)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] Kyle Creyts (Feb 02)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] Jeffrey Walton (Feb 02)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] Kyle Creyts (Feb 02)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] Jeffrey Walton (Feb 02)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] steve pirk [egrep] (Feb 05)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] Jeffrey Walton (Feb 02)
- Re: [Full-disclosure] Key Internet operator VeriSign hit by hackers [DNS] Kyle Creyts (Feb 02)