vrijdag 4 november 2011

KPN (Dutch CA) immediately stops issuing certificates after finding DDoS tools

Everybody knows the DigiNotar story.
Alot of the DigiNotar certificates were replaced by KPN by names of "Getronics PinkRoccade PKI Overheid". And now KPN finds DDoS tools on their webservers.

After the DigiNotar debacle and the move of DigiNotar's certificates to "Getronics PinkRoccade PKI Overheid" KPN decided to do some extra examination on their infrastructure. With the result of DDoS tools found on one of their webservers, dated back to 4 years ago.

At this moment KPN says they haven't found any traces -yet- on their production environment. (We all know what this means, do we?) But they cannot guarantee it's safety.

The finding of DDoS tools can be seen as a good thing. Since DDoS tools are often used by skiddo's, but it does mean someone had control over their webservers in a way nobody wants them to.

The question now is, how will Microsoft, Mozilla and Google respond to this.

4 opmerkingen:

  1. I want to appreciate and sincerely thank blackhatthacker@gmail.com for her service...She saved me from the lies of my cheating husband. She was able to hack his whatssp messages, listen to every call he either made or receive, hacked his email passwords and Facebook ...i know there are lots of people out there looking for proof and evidence about one thing or the other . Be open and real with her so she can even be at the best of her service to you. Do contact her by email on blackhatthacker@gmail.com