Digital Certificate

Pierluigi Paganini June 28, 2013
Opera infrastructure hacked and digital certificate stolen

Opera software revealed that its infrastructure was attacked and a digital certificate has been stolen to sign malware and to deceive victims. On June 19th Opera suffered a cyber attack that was uncovered and contained by the same software company, the news has been provided by Opera with an official advisory published Wednesday morning. “On June […]

Pierluigi Paganini April 12, 2013
Winnti – a cyber espionage case for gaming industry

Another cyber espionage campaign has been discovered by Kaspersky Lab Team, I start to get the feeling that whatever is done online we cannot avoid being spied. What is singular this time is the sector hit by the attackers, the gaming industry, that using a malware signed with a valid digital certificate has been used […]

Pierluigi Paganini March 05, 2013
Java exploit signed with certificate stolen to Bit9

According security experts the numerous cyber attacks that hit principal IT companies, news agencies and government offices exploited zero-day vulnerabilities in Java software to the point that many recommend to uninstall Java plug-in from our browser unless absolutely necessary. Same clamor had obtained in the past the discovery that malware source codes were signed with […]

Pierluigi Paganini February 12, 2013
Adobe 0-days exploited for IEEE aerospace spearphishing attacks

Last week Adobe released a patch for Adobe Flash that fixed a zero day vulnerability, CVE-2013-0633, that is being exploited using Microsoft Office files with embedded flash content delivered via email. The vulnerability is not isolated, it is circulating the news of a new one coded CVE-2013-0634 being exploited trough web browsers such as Firefox and Safari […]

Pierluigi Paganini February 14, 2012
Trustwave vs Mozilla community for MITM Digital Certificate

After the attacks against certification authorities such as VeriSign, Comodo and DigiNotar the level of confidence in the model based on certificates is in sharp decline. There is widespread accusations addressed to the PKI paradigm (public key infrastructure ) which is based on the concept to request to trusted and credited third parties to guarantee […]