GlobalSign stops issuing certificates after DigiNotar hacker boast

Certificate authority GlobalSign has stopped issuing new security certificates after a hacker who claimed responsibility for last week’s breach of DigiNotar claimed to have access to four more certificate authorities, specifically naming GlobalSign. As a precaution, GlobalSign has temporarily stopped issuing new security certificates until it can complete an investigation; the company also announced it has hired Dutch cyber-security firm Fox-IT to assist. Fox-IT just helped out with the investigation of the DigiNotar breach.

“GlobalSign takes this claim very seriously and is currently investigating,” the company wrote.

GlobalSign’s move comes after an anonymous post surfaced on Pastebin, claiming to be from the attacker who recently issued several hundred bogus security certificates from DigiNotar (including one for Google). The Pastebin account was the same one used by someone claiming to have previously breached the Comodo certificate authority. The attacker has also given interviews, and claims to be a 21-year-old Iranian.

In theory, the bogus certificates could be used to intercept secured communications with a Web site via a man-in-the-middle attack. Both Fox-IT and Trend Micro have noted that a large number of IP addresses connecting to Google and authenticating via DigiNotar after the breach were from Iran.

In the meantime, Dutch telecommunications firm KPN says its Getronics unit is picking up new business from former DigiNotar customers. Major desktop Web browsers have issued updates invalidating all security certificates issued by DigiNotar in order to protect users from possible security threats.

However, smartphone users may still be at risk: no smartphone or mobile OS makers (including Google and Apple) have announced plans to revoke DigiNotar certificates on devices running their operating systems. This means those devices are, in theory, still susceptible to man-in-the-middle attacks that would enable others to spy on communications. Given that one of the bogus certificates was issued for Google, the threat to Android users could be significant.

Apple, Google, and other smartphone OS makers must work with carriers to get updates to their users, even in the case of serious security issues like the DigiNotar breach.

Geoff Duncan
Former Digital Trends Contributor