Germany-based researchers found a way to spoof certificates, even those protected with PKI-based domain validation, according to the
Register.
With nothing more than a laptop, the group was able to steal credentials and eavesdrop on certificate authorities. “We evaluated the attack against a number of CAs and we set up a live (automated) demo against one CA,” said Dr. Haya Shulman, head of the cyber security, analytics and defenses division at the
Fraunhofer Institute for Secure Information Technology.
“Essentially, many CAs that support domain validation can be attacked. We demonstrated an attack which redirects the CA to an attacker machine via DNS cache poisoning," Shulman said.
Officials warn about expansive, ongoing China espionage threat riding on Brickstorm malware
Lumma infostealer malware operation disrupted, 2,300 domains seized
Security & Networking Protocols – Quick Reference