[ISN] Stolen encryption key the source of compromised certificate problem, Symantec says

From: InfoSec News <alerts_at_private>
Date: Tue, 20 Mar 2012 03:07:36 -0500 (CDT)
http://www.networkworld.com/news/2012/031912-symantec-stolen-key-257407.html

By Ellen Messmer
Network World
March 19, 2012

When Kaspersky Lab last week spotted code-signed Trojan malware dubbed 
Mediyes that had been signed with a digital certificate owned by Swiss 
firm Conpavi AG and issued by Symantec, it touched off a hunt to 
determine the source of the problem.

The answer, says Symantec's website security services (based on the 
VeriSign certificate and authentication services acquisition), is that 
somehow the private encryption key associated with the Conpavi AG 
certificate had been stolen.

"The private key for Conpavi was exposed," says Quentin Liu, senior 
director of engineering at the Symantec division. "Someone got hold of 
the private key." For this type of digital certificate, the private key 
is held by the certificate owner, in this case, Conpavi. Whether the 
private encryption key was stolen by an insider at Conpavi or an outside 
attacker isn't known. But the incident points out the risks associated 
with private encryption keys for this type of digital certificate and 
the need to safeguard them.

Symantec has revoked the Conpavi certificate that was used to digitally 
sign the Mediyes malware and is assisting the Swiss firm in analyzing 
what occurred and helping them prevent this from happening again.

[...]

