RSS

Bit9 hacked and keys used to sign malware

Fri, Feb 8, 2013

Administrative

Brian Krebs reported today that security firm Bit9 has suffered a breach. Apparently the bad guys got access to Bit9’s code signing certificates. This is bad for many reasons. I’m guessing that this code signing certificate is signed by a trusted CA. This would mean that malware signed with it would “appear” legitimate. What’s worse is that according to reports the Bit9 software will automatically trust anything signed by the Bit9 certificate.

Ruh Roh Shaggy.  This should make the RSA Conference experience very interesting for Bit9.

–Chris

Print Friendly

This post was written by:

- who has written 181 posts on InfoSecPodcast.com.


Contact the author

Leave a Reply

Bad Behavior has blocked 531 access attempts in the last 7 days.

Rodney's 404 Handler Plugin plugged in.