Researchers have discovered a new data stealing Trojan called Spyumel thatemploys real certificates to evade security tools. Hackers using Spymel are using a certificate issued by DigiCert and given to SBO Invest. Since Hackers got their hands on the first certificate, DigiCert has issued another certificate but hackers are now using another certificate from SBO Invest. Tim Erlin, Director of IT Security and Risk Strategy from Tripwire says :
[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :
“Why break in when you can steal a key? Compromising authentication, from passwords to certificates, is a tried and true method for cybercriminals across the globe. The reality of compromised authentication is what drives ‘trust but verify’ and ‘defense in depth’ models. If you put all your security eggs in one basket, someone else is going to make a data omelet with them.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.