Hackers take control of security firm's domain, steal secret data [telecom]


Hackers take control of security firm's domain, steal secret data

Attackers bypass HTTPS encryption protection by registering new TLS
certificate.

By Dan Goodin

A Dutch security firm recently fell victim to a well-executed attack
that allowed hackers to take control of its servers and intercept
clients' login credentials and confidential data.

The security firm, Fox-IT, said in a blog post published last week
that the so-called "man-in-the-middle attack" lasted for 10 hours and
24 minutes, although the attack was largely contained for much of that
time. The attackers carried it out by gaining unauthorized access to
Fox-IT's account with a third-party domain registrar. Next, they
changed a domain name system record that designated the IP address
that corresponded to the security company's client portal. With
that, the attackers effectively hijacked control of fox-it.com and all
traffic sent to it.

https://arstechnica.com/information-technology/2017/12/hackers-steal-security-firms-secret-data-in-brazen-domain-hijack/
