Slashdot Mirror

← Back to Stories (view on slashdot.org)

GlobalSign Web Server Hacked, But Not CA

Posted by timothy on from the goes-the-story-thus-far dept.

Trailrunner7 writes "GlobalSign has found evidence that its main Web server was compromised recently, but has not discovered any indications that its certificate authority infrastructure was hacked, contrary to claims by the attacker responsible for the DigiNotar CA hack."

1 of 35 comments (clear)

  1. They found a compromise... by mysidia · · Score: 3, Informative

    The CA/PKI might not have been invaded yet A compromise of a website can lead to an intruder gaining further access, however.

    Suffice to say... access to a webserver is a foothold that an intruder can attempt to leverage to gain further access. Depending on how robust the further lines of defenses are, and if any security mistakes were made (such as webservers allowed through firewalls to some internal hosts or credentials the intruder can capture that can lead to access to systems closer to back office or CA functions).

    Even a compromise that doesn't result in immediate PKI access may lead to that, through additional successive breaches, and successive social engineering... also known as "Advanced Persistent Threat" (to use the latest lingo for referring to the situation)