certificates
Resurgence of malware signed with stolen certificates
Since 2009, variants of the Winwebsec rogue AV family have been trying to trick users into believing their computer has been infected and into paying for …
Opera developers explain why malicious “update” wasn’t detected
Opera Software has finally come out with more details about the recent compromise of its internal infrastructure, the theft of an expired code signing certificate, and the …
Opera infrastructure compromised, users hit with malicious update
A breach of the Opera Software internal infrastructure has resulted in the theft of an expired Opera code signing certificate and used it to sign a piece of malware, package …
Plugging the trust gap
Every business and government is dependent upon cryptographic keys and certificates to provide trust for critical communications. These trust technologies underpin the modern …
Malicious Java applet uses stolen certificate to run automatically
A signed but malicious applet that will apparently fool even the latest Java 6 update has been discovered on a German online dictionary website infected by the g01pack exploit …
Digital certificates and malware: a dangerous mix
In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If anything, that should remind us …
GitHub MitM attack orchestrated by Chinese censors?
China-based users and visitors of GitHub, the globally popular online source code repository, have been targeted with an man-in-the-middle attack late last Friday, reports …
Fraudulent digital certificate for Google web properties used in active attacks
A fraudulent digital certificate that could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties has …
Adobe admits breach, will revoke compromised code signing certificate
Adobe has confirmed that one of their build servers that has access to the Adobe code signing infrastructure has been compromised, allowing attackers to digitally sign two …
Flame abused Windows Update to spread
You have probably already heard that Microsoft released an out-of-band update that revokes three rogue certificates that were used to sign a couple of modules of the recently …
Some Flame modules were signed with rogue Microsoft certificates
While investigating the recently unearthed Flame (SkyWiper) toolkit, Microsoft’s researchers have made an unwelcome discovery. “We have discovered through our …
Featured news
Sponsored
Don't miss
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
- GISEC Global 2024 video walkthrough
- GenAI can enhance security awareness training
- The relationship between cybersecurity and work tech innovation