SANS Digital Forensics and Incident Response Blog: Tag - CA

UPDATED DigiNotarSSL Incident Response Report: No Logging, Weak Password, No Protected Network

On Monday evening, as the host of CyberJungleRadio, I received a copy of the then just published report that appears to be from the security firm Fox-IT, the company hired by DigiNotar to investigate the massive SSL breach. On page nine of the thirteen page report, a shocking series of security omissions are revealed: No … Continue reading UPDATED DigiNotarSSL Incident Response Report: No Logging, Weak Password, No Protected Network