As a result of the DigiNotar Certificate Authority hack, Google and Mozilla released updates to Chrome and Firefox in order to remove the root certificate.

A rogue * SSL certificate found in the wild and researchers said they possibly saw use by the Iranian government in country-wide man-in-the-middle attacks against Gmail users.

Certificate Authority Breached; Sites Suffer
Breach: More SCADA System Holes
Compliance Does Not Mean Secure
SCADA Hacking via Search Engines

The certificate issuer, VASCO-owned DigiNotar admitted suffering a security breach in July which resulted in hackers issuing rogue certificates for several high-profile domains.

Despite undergoing an internal investigation and an audit performed by an external party, the company failed to revoke the rogue Google certificate used for weeks.

Schneider Bold

The incident comes after in March an Iranian hacker broke into the network of Comodo reseller and issued several rogue certificates.

Mozilla, Google and Microsoft quickly unveiled their plans to remove the DigiNotar root certificate from their products.

Mozilla and Google made good on those promises with the release of Firefox 6.0.1, Firefox 3.6.21, and Chrome 13.0.782.218 respectively. In addition to removing the DigiNotar CA cert, the new Chrome version also updates the bundled Flash Player plug-in.

Pin It on Pinterest

Share This