{"id":3317,"date":"2025-05-26T10:00:00","date_gmt":"2025-05-26T10:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=3317"},"modified":"2025-05-26T10:00:00","modified_gmt":"2025-05-26T10:00:00","slug":"open-mpic-project-defends-against-bgp-attacks-on-certificate-validation","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=3317","title":{"rendered":"Open MPIC project defends against BGP attacks on certificate validation"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p><a href=\"https:\/\/www.networkworld.com\/article\/969572\/bgp-what-is-border-gateway-protocol-and-how-does-it-work.html\">Border Gateway Protocol (BGP<\/a>) hijacking has long represented a critical vulnerability in the internet\u2019s infrastructure, allowing attackers to silently redirect traffic between endpoints. The risk is so great the U.S. government has even branded it as a\u00a0<a href=\"https:\/\/www.networkworld.com\/article\/3504845\/white-house-brands-bgp-routing-a-national-security-concern-as-it-unveils-reform-roadmap.html\">national security concern<\/a>.<\/p>\n<p>A particularly concerning exploitation target is the domain validation process used by certificate authorities (CA) to verify ownership before issuing SSL\/TLS certificates. These are the certificates that are used by all web browsers to connect securely to websites. To combat this threat, the CA\/Browser Forum has issued a directive for CAs to support Multi-Perspective Issuance Corroboration (MPIC), starting in September 2025.<\/p>\n<p><a href=\"https:\/\/www.networkworld.com\/article\/3994132\/open-mpic-project-defends-against-bgp-attacks-on-certificate-validation.html\">Continue reading on Network World.<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Border Gateway Protocol (BGP) hijacking has long represented a critical vulnerability in the internet\u2019s infrastructure, allowing attackers to silently redirect traffic between endpoints. The risk is so great the U.S. government has even branded it as a\u00a0national security concern. A particularly concerning exploitation target is the domain validation process used by certificate authorities (CA) to [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":3318,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3317","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3317"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3317"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3317\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/3318"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}