CA

Scandalised by the snooping certificate issued by Trustwave, a heise Security reader, Sebastian Wiesinger, has submitted a report to Mozilla's bug database in which he requests that Trustwave's root certificates be removed from all Mozilla products. Mozilla's Kathleen Wilson, who handles the issue, has accepted the submission and requested a statement from Trustwave. Trustwave's Brian Trzupek has already announced the release of further information which, he says, is still waiting for internal approval.

Probably the most disturbing data breaches of 2011 involved security companies themselves coming under determined and sustained attacks. RSA and DigiNotar both fell victim to hackers, sending shockwaves through the security community.