HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 48 guests and 1 member online
 
Advertisement

You are here: Home arrow Resourcesarrow News from the Outside Worldarrow VeriSign Hacked Several Times, Won't Reveal the Details
EH-Net
May 21, 2013, 03:47:39 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: VeriSign Hacked Several Times, Won't Reveal the Details  (Read 2262 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4165


Editor-In-Chief


View Profile WWW
« on: February 03, 2012, 10:29:20 AM »
Quote

Company buried fact of 2010 incidents involving its Internet domain service in a fall 2011 financial filing, which came to light only this week

In October 2011, Internet infrastructure firm VeriSign released its usual quarterly report. Buried in the 50-page filing to the SEC was the revelation that the company had been breached multiple times the previous year.

The incidents came to light only today, when news service Reuters found the information during an investigation of whether public companies were disclosing breach incidents in their financial statements. VeriSign's account of the incidents carried few details, and the company refused additional comment.

In the filing, VeriSign stated, "In 2010, the company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers. We have investigated and do not believe these attacks breached the servers that support our DNS (Domain Name System) network."

VeriSign manages the Domain Name System for the .com and .net top-level domains, as well as the .name, .cc, and .tv domains. In addition, at the time of the attacks, the company sold and managed a large digital signature service, selling SSL and EV (extended validation) signatures that are used to secure websites and email and to sign code. The Internet security business unit was sold to Symantec in 2010.

Although the announcement comes after the revelation of breaches in 2011 of other Internet infrastructure firms -- such as the now-defunct DigiNotar, rival Comodo, and security giant RSA -- the VeriSign hacks occurred months before those breaches. If VeriSign had disclosed the attacks in 2010, Comodo and other hacked firms might have been able to improve their own security in time to detect the attacks they experienced in 2011, said Melih Abdulhayoglu, Comodo's CEO.

"We would have been on a higher alert, it would have changed a lot of things," Abdulhayoglu noted. "I'm sure that other CAs [certificate authorities] would have taken the hint and done something about it."


Full story:
http://www.infoworld.com/t/cyber-crime/verisign-hacked-several-times-wont-reveal-the-details-185617

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.062 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.