GitHub Hit by Record DDoS Attack Through Exposed Memcached Servers

In what might be the largest ever recorded distributed denial-of-service (DDoS) attack, GitHub was hit this week with more than 1TB of malicious traffic per second generated by hijacked Memcached servers. DDoS mitigation providers had warned recently t… Continue reading GitHub Hit by Record DDoS Attack Through Exposed Memcached Servers

Trustico revokes 23,000 SSL certificates due to compromise

Strap in for this one: A bizarre mess in the world of security certificates has resulted in over 23,000 SSL certificates revoked in one fell swoop, accusations of malpractice and legal threats. As to why the conflict started in the first place, we don’t exactly know. Early Wednesday, thousands of customers began receiving emails from the security firm DigiCert saying their SSL certificates were being revoked because of a security compromise at Trustico. Trustico, a SSL reseller, quickly and emphatically denied that any compromise took place. In response, DigiCert began posting numerous private keys — after the impacted certificates were changed — as proof of compromise. Here’s the Wednesday morning email that started everything: @digicert can you please explain the email I received from rapidssl/digicert blaming @MrTrustico for the revocation of my certs in 24hrs due to them reporting a compromise of the private keys? Where’s the proof of the report/breach? Why are […]

The post Trustico revokes 23,000 SSL certificates due to compromise appeared first on Cyberscoop.

Continue reading Trustico revokes 23,000 SSL certificates due to compromise