Sep 06

Rogue SSL certs were also issued for CIA, MI6, Mossad (Help Net Security):

The number of rogue SSL certificates issued by Dutch CA DigiNotar has balooned from one to a couple dozen to over 250 to 531 in just a few days.As Jacob Appelbaum of the Tor project shared the full list of the rogue certificates, it became clear that fraudulent certificates for domains of a number of intelligence agencies from around the world were also issued during the CA’s compromise – including the CIA, MI6 and Mossad.

Additional targeted domains include Facebook, Yahoo!, Microsoft, Skype, Twitter, Tor, WordPress and many others.

He received the list from sources in the Dutch Government, which has retracted its statement about trusting DigiNotar’s PKIoverheid CA branch, announced to its citizens that it cannot guarantee the security of its own websites, and taken over DigiNotar’s operations and immediately organized audits of its infrastructure.

Continue reading »

Tags: , , , , , , , , , , , , , , , , , ,