[ISN] Hackers Breached Adobe Server in Order to Sign Their Malware

From: InfoSec News <alerts_at_private>
Date: Mon, 1 Oct 2012 00:38:07 -0500 (CDT)
http://www.wired.com/threatlevel/2012/09/adobe-digital-cert-hacked/

By Kim Zetter
Threat Level
Wired.com
09.27.12

The ongoing security saga involving digital certificates got a new and 
disturbing wrinkle on Thursday when software giant Adobe announced that 
attackers breached its code-signing system and used it to sign their 
malware with a valid digital certificate from Adobe.

Adobe said the attackers signed at least two malicious utility programs 
with the valid Adobe certificate. The company traced the problem to a 
compromised build server that had the ability to get code approved from 
the company’s code-signing system.

Adobe said it was revoking the certificate and planned to issue new 
certificates for legitimate Adobe products that were also signed with 
the same certificate, wrote Brad Arkin, senior director of product 
security and privacy for Adobe, in a blog post.

“This only affects the Adobe software signed with the impacted 
certificate that runs on the Windows platform and three Adobe AIR 
applications that run on both Windows and Macintosh,” Arkin wrote. “The 
revocation does not impact any other Adobe software for Macintosh or 
other platforms.”

[...]


Received on Sun Sep 30 2012 - 22:38:07 PDT
