Researchers have discovered a new data stealing Trojan called Spyumel thatemploys real certificates to evade security tools. Hackers using Spymel are using a certificate issued by DigiCert and given to SBO Invest. Since Hackers got their hands on the first certificate, DigiCert has issued another certificate but hackers are now using another certificate from SBO Invest. Tim Erlin, Director of IT Security and Risk Strategy from Tripwire says :
[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :
“Why break in when you can steal a key? Compromising authentication, from passwords to certificates, is a tried and true method for cybercriminals across the globe. The reality of compromised authentication is what drives ‘trust but verify’ and ‘defense in depth’ models. If you put all your security eggs in one basket, someone else is going to make a data omelet with them.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
