Make a Lasting Impression

Join the Mailing List

Who's Online

19 user(s) are online (11 user(s) are browsing Support Forums)

Members: 0
Guests: 19

more...
ImpressCMS proudly uses SourceForge
ImpressCMS on Ohloh.net





Flame
Home away from home
Joined:
2007/12/4 9:00
Posts: 1121
Some interesting developments re. the Flame malware (MP3, 44MB) recently covered on the Security Now podcast. For a start, it now seems to be produced out of the same shop that brought you Stuxnet (ie. it would seem to be government sponsored). And how is this for nasty:

* Has a forged (but valid) certificate from Microsoft.
* Installs itself as a proxy / man in the middle against Windows Update service.
* Signs its own malicious components, using the forged Microsoft certificate and hands them off as updates.

Microsoft has reacted by introducing automatic updates to their list of untrusted/revoked certificates, creating a certificate specifically for signing updates to the Windows Update client, no longer allowing windows update to operate via a proxy, and has given advance notice that they are going to kill ALL certificates using 1024 bit keys or less, whether you like it or not.

When governments break their own laws, it seriously makes me not want to pay tax.

Posted on: 2012/6/20 23:47
Transfer the post to other applications Transfer






You can view topic.
You cannot start a new topic.
You cannot reply to posts.
You cannot edit your posts.
You cannot delete your posts.
You cannot add new polls.
You cannot vote in polls.
You cannot attach files to posts.
You cannot post without approval.

[Advanced Search]