A New Data Stealing Trojan called Spyumel

By   ISBuzz Team
Writer , Information Security Buzz | Jan 12, 2016 09:00 pm PST

Researchers have discovered a new data stealing Trojan called Spyumel thatemploys real certificates to evade security tools. Hackers using Spymel are using a certificate issued by DigiCert and given to SBO Invest. Since Hackers got their hands on the first certificate, DigiCert has issued another certificate but hackers are now using another certificate from SBO Invest. Tim Erlin, Director of IT Security and Risk Strategy from Tripwire says :

[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :

“Why break in when you can steal a key? Compromising authentication, from passwords to certificates, is a tried and true method for cybercriminals across the globe. The reality of compromised authentication is what drives ‘trust but verify’ and ‘defense in depth’ models. If you put all your security eggs in one basket, someone else is going to make a data omelet with them.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]Tripwire logoTripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]