NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Attackers sign malware using crypto certificate stolen from Opera Software

Attackers sign malware using crypto certificate stolen from Opera Software

http://j.mp/11JqQ1l  (ars technica)

  "Opera's advisory leaves out key information that makes it hard to
   assess just how much damage was done. Missing details include when the
   attackers first gained access to the servers, precisely when the
   stolen digital certificate expired, and whether there's reason to
   believe other certificates may also have been obtained. It would also
   be useful to know how hackers got access to an official Opera digital
   certificate, which is supposed to cryptographically prove that the
   software that bears its seal could only have come from the company. As
   Ars reported last year, companies such as Symantec go to great lengths
   to secure such keys, although Opera is hardly alone in losing control
   of such a valuable certificate."

 - - -
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren 
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
 - Network Neutrality Squad: http://www.nnsquad.org 
 - PRIVACY Forum: http://www.vortex.com/privacy-info
 - Data Wisdom Explorers League: http://www.dwel.org
 - Global Coalition for Transparent Internet Performance: http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren 
Tel: +1 (818) 225-2800 / Skype: vortex.com
nnsquad mailing list