Dailydave mailing list archives
Code signing FTW!
From: Dave Aitel <dave () immunityinc com>
Date: Thu, 27 Sep 2012 16:39:25 -0400
Good Muse Everyone! http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html My fav. line in the above is " There is no evidence to date that any source code was stolen." I mean, aside from the obvious fact that the attackers were knowledgable enough about the organization to find and use the custom code-signing API. The Chinese modus operandi is to dump tools that have been discovered, so maybe we will be lucky enough to see them posted to a Chinese forum shortly? If it affects the Windows platform, does that mean attackers can autoupdate your Reader with signed versions of pwdump? Hard to know from the Adobe press release. (That said, the Key itself was stored on hardware, which is a step up from the Fedora attack...) -dave -- INFILTRATE - the world's best offensive information security conference. April 2013 in Miami Beach www.infiltratecon.com
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Code signing FTW! Dave Aitel (Sep 27)