Post Syndicated from David original http://feedproxy.google.com/~r/DevilsAdvocateSecurity/~3/fEEytgsfT1w/messages-from-purported-comodo-hacker.html
The purported Comodo hacker has posted a number of documents on pastebin. The hacker claims to have used API access to generate the certificates mentioned inComodo has also recently announced that two additional resellers were also breached.The documents are well worth a read to understand how web based infrastructure services might be breached, and where we might expect to see attacks in the future. API accessibility and vulnerable servers make for a nasty combination when a trust based infrastructure is in play.
_uacct = “UA-1423386-1”;