Hackers take control of security firm's domain, steal secret data [telecom]

Hackers take control of security firm's domain, steal secret data

Attackers bypass HTTPS encryption protection by registering new TLS certificate.

By Dan Goodin

A Dutch security firm recently fell victim to a well-executed attack that allowed hackers to take control of its servers and intercept clients' login credentials and confidential data.

The security firm, Fox-IT, said in a blog post published last week that the so-called "man-in-the-middle attack" lasted for 10 hours and

24 minutes, although the attack was largely contained for much of that time. The attackers carried it out by gaining unauthorized access to Fox-IT's account with a third-party domain registrar. Next, they changed a domain name system record that designated the IP address that corresponded to the the security company's client portal. With that, the attackers effectively hijacked control of fox-it.com and all traffic sent to it.

formatting link

Reply to
Monty Solomon
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.