Skip to main content
  1. Home
  2. Computing
  3. News

GlobalSign stops issuing certificates after DigiNotar hacker boast

By
GlobalSign
Image used with permission by copyright holder

Certificate authority GlobalSign has stopped issuing new security certificates after a hacker who claimed responsibility for last week’s breach of DigiNotar claimed to have access to four more certificate authorities—specifically naming GlobalSign. As a precaution, GlobalSign as temporarily stopped issued new security certificates until it can complete an investigation; the company also announced it has hired Dutch cyber-security firm Fox-IT to assist—Fox-IT just helped out with the investigation of the DigiNotar breach.

“GlobalSign takes this claim very seriously and is currently investigating,” the company wrote.

Recommended Videos

GlobalSign’s move comes after an anonymous post surfaced on Pastebin, claiming to be from the attacker who recently issued several hundred bogus security certificates from DigiNotar (including one for Google). The Pastebin account was the same one used someone claiming to have previously breached the Comodo certificate authority. The attacker has also given interviews, and claims to be a 21 year-old Iranian.

In theory, the bogus certificates could be used to intercept secured communications with a Web site via a man-in-the-middle attack. Both Fox-IT and Trend Micro have noted that a large number of IP addresses connecting to Google and authenticating via DigiNotar after the breach were from Iran.

In the meantime, Dutch telecommunications firm KPN says its Getronics unit is picking up new business from former DigiNotar customers. Major desktop Web browsers have issued updates invalidating all security certificates issued by DigiNotar in order to protect users from possible security threats.

However, smartphone users may still be at risk: no smartphone or mobile OS makers (including Google and Apple) have announced plans to revoke DigiNotar certificates on devices running their operating system. This means those devices are, in theory, still susceptible to man-in-the middle attacks that would enable others to spy on communications. Given that one of the bogus certificates was issued for Google, the threat to Android users could be significant.

Apple, Google, and other smartphone OS makers must work with carriers to get updates to their users, even in the case of serious security issues like the DigiNotar breach.

Topics
Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Best Alienware deals: Gaming PCs, laptops, and monitors
Alienware Aurora R15 placed at an angle on a table.

Alienware has been in the game gear industry for two decades or so now, and it keeps coming out with some of the highest-end devices, whether it's gaming laptops, gaming PCs, headsets, or even a gaming chairs. Of course, being a premium brand does also mean that you're going to be paying premium prices, which is why you'll likely want to spring for an Alienware deal if you want to pick up something from the brand. That's why we've gone out and collected our favorite deals for you below, although if you don't quite find what you're looking for, check out some of the best gaming laptop deals and the best gaming PC deals we've put together.
Alienware AW720H wireless gaming headset -- $120, was $150

A gaming headset is a great way to keep in touch with your friends while you play. The Alienware AW720H gaming headset lets you do so without the burden of wires, as it connects to your gaming setup via Bluetooth. It has a built-in microphone for outgoing communications, as well as Dolby Atmos, Surround Sound, and Stereo Sound options to help immerse you in the game and incoming communications.

Read more
Nvidia might power your next handheld gaming PC
Starfield running on the Asus ROG Ally.

Rumor has it that Nvidia is working on a system-on-a-chip (SoC) that could power PCs and even future handheld gaming devices. The speculation comes from Dan Nystedt, who says that Nvidia is working with MediaTek to develop an AI processor that could be revealed as soon as June.

Adding further weight to the rumor is XpeaGPU, who also claims Nvidia is working on a handheld SoC. The leaker says that Nvidia thinks the chip has "good market potential." This isn't the first time we've heard about Nvidia looking at the growing market of handheld gaming PCs, either. In March, leaker Moore's Law is Dead claimed that Nvidia is "worried that it's missing the boat here" with handheld gaming PCs.

Read more
ChatGPT not working? The most common problems and fixes
A person typing on a laptop that is showing the ChatGPT generative AI website.

ChatGPT is one of the most popular AI chatbots available today. Many favor the tool because it is easy to access and use; however, it is not perfect. ChatGPT is also known for down times and technical issues that can prevent you from having access to the chatbot exactly when you need it for a specific task.

There are many reasons ChatGPT might fail to work. Some challenges might arise on the side of the parent company, OpenAI, and some might come up because of your own environment. Luckily, most mishaps are typically easy to resolve with a bit of troubleshooting.

Read more