[Dailydave] Code signing FTW!
Dave Aitel
dave at immunityinc.com
Thu Sep 27 16:39:25 EDT 2012
Good Muse Everyone!
http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html
My fav. line in the above is " There is no evidence to date that any
source code was stolen."
I mean, aside from the obvious fact that the attackers were knowledgable
enough about the organization to find and use the custom code-signing
API. The Chinese modus operandi is to dump tools that have been
discovered, so maybe we will be lucky enough to see them posted to a
Chinese forum shortly?
If it affects the Windows platform, does that mean attackers can
autoupdate your Reader with signed versions of pwdump? Hard to know from
the Adobe press release.
(That said, the Key itself was stored on hardware, which is a step up
from the Fedora attack...)
-dave
--
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20120927/70038efa/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 264 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20120927/70038efa/attachment.sig>
More information about the Dailydave
mailing list