• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Resources
  • SMB Spotlight
  • Newsletters
  • Sign in
  • Events
    • Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Resources
    • V3resources 120x194
      Network Security Forensics For GDPR Compliance

      An effective network security forensics strategy can assist an organization in providing key compliance-related details as part of any post-incident GDPR investigation.

      Download
      V3resources 120x194
      10 ways to increase productivity with managed Office 365

      For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

      Download
      Find resources
      Search by title or subject area
      View all resources
  • SMB Spotlight
  • Sign in
  •  
    •  

      You are currently accessing V3 .co.uk via your Enterprise account.

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      • Sign in
     
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    You are currently accessing V3 .co.uk via your Enterprise account.

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    • Sign in
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Security

GlobalSign claims breach did not compromise SSL certificates

Certificate authority escapes same fate as DigiNotar

  • Phil Muncaster
  • Phil Muncaster
  • 14 December 2011
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

SSL certificate authority GlobalSign has admitted that its web site's SSL certificate and key were compromised during a September security breach, but claimed that no customer data was exposed and no rogue certificates were issued.

The Belgian security firm was forced to stop issuing certificates from 6 to 15 September after suspecting that it may have fallen victim to the 'Comodo hacker' who compromised certificate authorities including DigiNotar and Comodo.

GlobalSign said in a statement on its web site that a web server hosting globalsign.com was breached on 9 September but that it was "peripheral" to the certificate issuance infrastructure.

"The www.globalsign.com domain is used only for the externally facing North American web sites and runs no web applications capable of requesting or issuing certificates nor does it hold any customer data," the firm said.

"The breached web server was immediately locked down and subsequently rebuilt with a new disk and hardened system image."

The security of the web has been called into question in recent months after a string of certificate authorities were breached.

SSL certificates were originally designed to validate the authenticity of web sites, but if cyber criminals manage to breach the defences of certificate authorities and issue fake SSL certs, they can effectively create web pages masquerading as real ones.

GlobalSign will be pleased it escaped the fate of DigiNotar, the Dutch certificate authority which was declared bankrupt after a breach of its systems led to the issuing of fake certificates.

  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Security
  • Web
  • Secure Sockets Layer

V3 Latest

BT plan to close down conventional fixed-line phone network by 2025 and go all-IP
BT plan to close down conventional fixed-line phone network by 2025 and go all-IP

BT wants to make the public switched telephone network history within eight years

  • Communications
  • 20 April 2018
Facebook Login hijacked by hidden web trackers, claim security researchers
Facebook Login hijacked by hidden web trackers, claim security researchers

Personal data being purloined by third parties via Facebook Login API

  • Security
  • 20 April 2018
Apple: we've no plans to merger iOS and MacOS
Apple: we've no plans to merger iOS and MacOS

MacOS and iOS are better off apart, says CEO Tim Cook

  • Desktops
  • 20 April 2018
Oracle: Java SE 8 business users must buy a licence from January next year
Oracle: Java SE 8 business users must buy a licence from January next year

Or they'll no longer be entitled to updates and bug patches

  • Developer
  • 20 April 2018
Back to Top

Most read

Oracle: Java SE 8 business users must buy a licence from January next year
Oracle: Java SE 8 business users must buy a licence from January next year
Scientists uncover new battery chemical with 50 percent more storage capacity
Scientists uncover new battery chemical with 50 percent more storage capacity
BT plan to close down conventional fixed-line phone network by 2025 and go all-IP
BT plan to close down conventional fixed-line phone network by 2025 and go all-IP
Avast reveals more information detailing how hackers compromised CCleaner
Avast reveals more information detailing how hackers compromised CCleaner
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017