back to article New hack on Comodo reseller exposes private data

Yet another official reseller of SSL certificate authority Comodo has suffered a security breach that allowed attackers to gain unauthorized access to data. Brazil-based ComodoBR is at least the fourth Comodo partner to be compromised this year. In March, the servers of a separate registration authority were hacked by attackers …

COMMENTS

This topic is closed for new posts.
  1. trarch
    FAIL

    Deja Vu

    SQL injection? Seriously?

    Where are the security folk in these companies and what are they doing?

    It's just pitiful that these companies are falling down one after another after another.

  2. Destroy All Monsters Silver badge
    Pirate

    Comodo resellers cascading compromise?

    Do they use some packaged webapp by Comodo that needs a bit of patching?

    Also, xkcd's Exploits of a Mom, Gaius Baltar etc..

  3. Martijn Otto
    FAIL

    SQL injection?

    How can anyone, especially a security company, be vulnerable to SQL injections nowadays?

    Anybody knows that to secure your application you can use stored procedures and disallow direct access to the data tables. Or at least use prepared statements.

  4. Anonymous Coward
    FAIL

    There we go

    Comodo has now been removed as a trusted root on the systems I manage.

  5. Highlander

    Excuse me, where is scorn?

    Where is all the vitriolic scorn that is directed at Sony every time there is an SQL injection attack on some tiny system of theirs these days? We can be scornful of a consumer entertainment conglomerate having a few security issues, but when a firm that is dedicated to internet security gets hacked through an SQL injection attack we talk about it as if it's small news?

    Eh? Seems like if anyone deserves scorn after an attack, it's a company that specializes in Internet security

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020