Search This Blog

SSL Certificate Authority KPN stopped issuing certificates

SSL(Secure Socket Layer) Certificate Authority , KPN stopped issuing certificates after the detection of DDOS Tool on Server.  KPN is Netherlands based SSL certificated provider.  They found DDOS tool on their server during the Security Audit, the tool may have been there for as long as four years.
"Although there is no evidence that the production of the certificate is compromised, can not be completely excluded that this did happen. Therefore, KPN Corporate Market (formerly Getronics) decided the application and issuance of new certificates temporarily discontinued, pending further investigation. This is to ensure that the certificates be issued optimal procedure is safe and reliable.

KPN has replaced the web servers. An additional, independent investigation takes place to ensure that KPN complies with the required safeguards, procedures and rules applicable to the issue of Internet safety certificates. Interior Ministry and Logius, agency e-government, are closely involved in the processA."  Said in official statement,translate to english.

Previously, Another Dutch Based Certificate authority, DigiNotar compromised by unknown attacker,issuing a huge number of fraudulent, but valid, certificates for high-value domains, including some belonging to Google, Yahoo, the CIA and others. This results in DigiNotar went out of Business and KPN get new customers from DigiNotar. But now KPN Server is Breached.

KPN has replaced the web servers. An additional, independent investigation takes place to ensure that KPN complies with the required safeguards, procedures and rules applicable to the issue of Internet safety certificates. Interior Ministry and Logius, agency e-government, are closely involved in the process.


Share it:

DDOS Attacks

DDOS Tools

Hackers News

Server Compromise

SSL Hacks

Vulnerability

Web Application Vulnerability