VB Migration

Tag: certificate

  • Malware authors’ continued use of stolen certificates isn’t all bad news

    A malware campaign has been using code-signing certificates stolen from Taiwanese companies to sign its samples, ESET researcher and regular VB conference speaker Anton Cherepanov writes . Malware signed with stolen certificates isn’t a new phenomenon. Stuxnet famously used stolen certificates, also from Taiwanese companies, and in 2016 Symantec wrote about a malware campaign that…

  • Malware authors’ continued use of stolen certificates isn’t all bad news

    A malware campaign has been using code-signing certificates stolen from Taiwanese companies to sign its samples, ESET researcher and regular VB conference speaker Anton Cherepanov writes . Malware signed with stolen certificates isn’t a new phenomenon. Stuxnet famously used stolen certificates, also from Taiwanese companies, and in 2016 Symantec wrote about a malware campaign that…

  • Let’s Encrypt certificate used in malversiting

    We’d better get used to a world where malicious traffic is encrypted too. According to some people, myself included, Let’s Encrypt was one of the best things that happened to the Internet in 2015. Now that, as of December, the service is in public beta, anyone can register certificates for domains they own, in a…

  • Google ‘suspends’ CNNIC from Chrome’s certificate store

    Chinese certificate authority told to re-apply. When a web client, such as a browser, attempts to make an HTTPS connection, it needs to know that no man-in-the-middle attack is taking place. The web server therefore proves its authenticity by presenting the client with a certificate. This certificate is cryptographically signed by a certificate authority (CA),…

  • 1 in 500 secure connections use forged certificate

    For reasons ranging from relatively good, to actual malware. Researchers from Facebook and Carnegie Mellon University have published a paper ( PDF ) in which they show that out of a sample of over 3 million secure connections to Facebook , 0.2% used a forged SSL certificate. SSL and its successor TLS are encryption protocols…

  • Iranians spied on using rogue DigiNotar certificates

    Fake certificates signed for CIA, Mossad, Google, Facebook. It is likely that Iranian Internet users have been spied on following a hack discovered at Dutch certificate authority (CA) DigiNotar last week, according to Trend Micro . In July, a hack at DigiNotar resulted in a large number of fake SSL certificates being issued for popular…