It is known that China has a strong economical relation with Ethiopia. However, it is unknown why a piece of malware signed with a VeriSign certificate from a Chinese firm calls back to an Ethiopian command and control server.
Security researchers from Norman have stumbled upon this curious-looking malware, which, a... |
4 May 2012
05:12 GMT |
 |
|
GlobalSign representatives admitted that an open source software that was left unpatched on one of their servers allowed cybercriminals to gain access to their systems and steal a digital certificate.
A company executive told ZDNet that the application had not been updated because it wasn’t “included in... |
26 April 2012
10:17 GMT |
|
|
UK’s MI5 Security Service forgot to renew its official website’s SSL digital certificate that expired on April 16. As a result, users who tried to access the site were met with a warning that flagged the site as being untrusted. SpyBlog informs that the agency’s site redirects to a HTTPS connection... |
17 April 2012
04:15 GMT |
|
|
Symantec representatives revealed that the company managed to track down the digital certificate stolen from Swiss firm Conpavi AG. Last week, Kaspersky researchers discovered that the certificate was being used by cybercriminals to sign the Mediyes Trojan, a piece of malware designed to intercept browser requests ... |
20 March 2012
11:04 GMT |
|
|
Kaspersky Lab experts came across pieces of malware that were validated by a legitimate digital certificate issued by Symantec's VeriSign for a Swiss company called Conpavi AG, known for working with government agencies from Switzerland. Identified by Kaspersky as Trojan-Dropper.Win32.Mediyes or Trojan-Dropper.W... |
17 March 2012
07:37 GMT |
|
|
Microsoft has issued an update designed to remove trust for two Intermediate Certificate Authorities (CA) certificates from DigiCert Sdn. Bhd.
DigiCert Sdn. Bhd, is a subordinate certification authority (CA) of Entrust and GTE, based in Malaysia, and the Redmond company provided a heads-up of this refresh as of the ... |
11 November 2011
08:58 GMT |
|
|
A recently identified ZeuS trojan sample is digitally signed with a fake certificate whose purpose is to make the piece of malware harder to detect.According to security experts from Avira who discovered the sample, the digital certificate is signed by an entity called "DetectMe :)" and dates since the end of Februar... |
14 April 2011
02:24 GMT |
|
|
The security of the public key infrastructure (PKI), which is used to establish trust on the Internet via digital certificates, was the main focus of the 80th Internet Engineering Task Force (IETF) meeting.The Internet Engineering Task Force (IETF) is an open standards organization composed of working groups and disc... |
4 April 2011
09:57 GMT |
|
|
Mozilla has published more information about the recent incident where hackers obtained rogue SSL certificates for high-profile domains via Comodo and admitted that keeping the whole thing under wraps for a week was not a good decision.The compromise occurred sometime around March 15 and involved hackers obtaining th... |
28 March 2011
00:48 GMT |
|
|
Security researchers warn that a newly identified ZeuS sample is signed with a fake digital certificate allegedly issued to German antivirus vendor Avira.Code signing has been possible since the days of Windows NT, however, adoption of the technology was slow until Windows Vista and Windows 7, where UAC (User Access ... |
21 February 2011
02:59 GMT |
|
|
Security researchers warn of a new trojan, which is distributed via tax-related spam and is particularly designed to steal digital certificates from infected computers.The new threat, detected by Symantec as Infostealer.Nimkey, arrives on systems as files called irs-pdf-f941.irs.com, report6.com or details.com.The us... |
22 September 2010
03:55 GMT |
|
|
Security researchers from Kaspersky Lab warn that malware dropped by the latest PDF-based attacks is digitally signed with a certificate stolen from a credit union.The new attacks targeting a zero-day vulnerability in Adobe Reader seems to become more sophisticated by the hour.One of the exploits uses return-oriented... |
9 September 2010
03:50 GMT |
|
|
Security researchers from ESET have found a new piece of digitally signed malware related to the recently discovered Stuxnet worm. The new threat was created last week and abuses a certificated from a different integrated circuits (IC) manufacturer called JMicron Technology Corporation.The hottest topic in the antivi... |
20 July 2010
04:10 GMT |
|
|
A new phishing scheme is actively targeting customers of the Bank of America Direct Digital Certificate program. Spam e-mails try to trick users into providing their login credentials to a fake page, which also attempts to infect them with malware. Bank of America Direct is a full-service Internet-based system, gene... |
3 June 2009
04:28 GMT |
|
|
Find us on Google+
