Go Back   Professional Soldiers ® > Technical FAQ Forum > Technology News and Reviews
Reload this Page Another CA(Certificate Authority) breached, fraudulent Google certificate issued
Register FAQ Calendar

Reply
 
Thread Tools Display Modes
Old 08-30-2011, 16:03   #1
BOfH
Guerrilla Chief
 
Join Date: Jun 2011
Location: NYC Area
Posts: 828
Another CA(Certificate Authority) breached, fraudulent Google certificate issued
http://isc.sans.org/diary/DigiNotar+SSL+Breach/11479

The attacker(s) generated a valid wildcard certificate for google.com. This means they can "legitimately" present themselves as "anything dot google dot com" via SSL(HTTPS), and steal ones Google credentials without the browser notifying you of any issues with the certificate presented. At the moment, the phishing attempts were targeted against Iranian Google users.

According to a pastebin post(http://pastebin.com/ff7Yg663), the certificates serial is 05:e2:e6:a4:cd:09:ea:54:d6:65:b0:75:fe:22:a2:56 and the thumbprint is 3b 0c 91 34 b9 79 48 74 17 f2 b8 c5 bc e7 22 b9 fb 6d f6 4a

http://support.mozilla.com/en-US/kb/...inotar-ca-cert
http://www.microsoft.com/technet/sec...y/2607712.mspx
__________________
"Crime is an extension of business through illegal means, politics is an extension of crime through *legal* means."
BOfH is offline   Reply With Quote
Old 09-01-2011, 08:56   #2
BOfH
Guerrilla Chief
 
Join Date: Jun 2011
Location: NYC Area
Posts: 828
Some follow up:

Additional fraudulent certificates were created for Mozilla, Yahoo and Wordpress as well as some other. More here: http://isc.sans.org/diary/DigiNotar+...y+so+far/11500
__________________
"Crime is an extension of business through illegal means, politics is an extension of crime through *legal* means."
BOfH is offline   Reply With Quote
Old 09-01-2011, 09:02   #3
LongWire
Quiet Professional
 
LongWire's Avatar
 
Join Date: Jan 2006
Location: N.E.WA
Posts: 1,137
Damn......Thanks........
__________________
"Most of us here can attest that we never took the easy way. Easy just is............easy. Life is a work in progress, and most of the time its a struggle." ~ Me

"Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -Henry Louis Mencken (1880-1956)

"A Government that is losing to an insurgency is not being outfought, it is being out governed." Bernard B. Fall
LongWire is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT -6. The time now is 16:43.
Mark Forums Read | View Forum Leaders
Contact Us - Professional Soldiers ® - Archive - Top



Copyright 2004-2022 by Professional Soldiers ®
Site Designed, Maintained, & Hosted by Hilliker Technologies