Yet another official reseller of SSL certificate authority Comodo has suffered a security breach that allowed attackers to gain unauthorized access to data. Brazil-based ComodoBR is at least the fourth Comodo partner to be compromised this year. In March, the servers of a separate registration authority were hacked by attackers …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Tuesday 24th May 2011 21:27 GMT trarch

Deja Vu

SQL injection? Seriously?

Where are the security folk in these companies and what are they doing?

It's just pitiful that these companies are falling down one after another after another.

0 0
Tuesday 24th May 2011 23:01 GMT Destroy All Monsters

Comodo resellers cascading compromise?

Do they use some packaged webapp by Comodo that needs a bit of patching?

Also, xkcd's Exploits of a Mom, Gaius Baltar etc..

0 0
Wednesday 25th May 2011 06:08 GMT Anonymous Coward

SQL injection?

How can anyone, especially a security company, be vulnerable to SQL injections nowadays?

Anybody knows that to secure your application you can use stored procedures and disallow direct access to the data tables. Or at least use prepared statements.

0 0
Wednesday 25th May 2011 09:49 GMT Anonymous Coward

There we go

Comodo has now been removed as a trusted root on the systems I manage.

1 0
Monday 30th May 2011 20:35 GMT Highlander

Excuse me, where is scorn?

Where is all the vitriolic scorn that is directed at Sony every time there is an SQL injection attack on some tiny system of theirs these days? We can be scornful of a consumer entertainment conglomerate having a few security issues, but when a firm that is dedicated to internet security gets hacked through an SQL injection attack we talk about it as if it's small news?

Eh? Seems like if anyone deserves scorn after an attack, it's a company that specializes in Internet security

0 0