Tag Archive for: CORRECTED

Adobe to revoke crypto key abused to sign malware apps (corrected)

Adobe is revoking a cryptographic key used to confirm the authenticity of its applications after discovering it was compromised by attackers who abused it to validate malicious software.

The “inappropriate use” of the Adobe code signing certificate was pulled off by attackers who compromised a build server used to compile and package the company’s applications, Adobe officials said in a statement published on Thursday. The server had access to the Adobe code-signing infrastructure, which forensic investigators have determined was used to sign two samples of malicious software.

“We believe the threat actors established a foothold on a different Adobe machine and then leveraged standard advanced persistent threat (APT) tactics to gain access to the build server and request signatures for the malicious utilities from the code signing service via the standard protocol used for valid Adobe software,” officials wrote. The private key associated with the code validation process was stored in hardware security modules and weren’t extracted during the intrusion, Adobe investigators determined. There is no evidence that any source code was stolen.

Read 4 remaining paragraphs | Comments


Ars Technica » Technology Lab

CORRECTED – India shuts server linked to Duqu virus

Web Werks, a Mumbai-based Web-hosting company, said it had given an image of the suspicious virtual private server to officials from the Indian Emergency Response Team (CERT-In), after firm Symantec Corp (SYMC.O) found the …
Read more

CORRECTED – UPDATE 1-Attacks on credit card sites a grass-roots effort – Reuters

Denial of service attacks typically use botnets, or armies of computers that have been enslaved by criminal … Sean-Paul Correll, a researcher with anti-virus firm PandaLabs who has been monitoring the activities of AnonOps, said the group had thousands …
Read more