Fox-IT Completes the Picture On the Factored RSA-512 Keys

Posted by Soulskill on Monday November 21, 2011 @10:50AM from the sneaky-rogues-with-broken-keys dept.

An anonymous reader sends in this excerpt from the Fox-IT blog: "During recent weeks we have observed several interesting publications which have a direct relation to an investigation we worked on recently. On one hand there was a Certificate Authority being revoked by Mozilla, Microsoft and Google (Chrome), on the other hand there was the disclosure of a malware attack by Mikko Hypponen (FSecure) using a government issued certificate signed by the same Certificate Authority. That case, however, is not self-contained, and a whole range of malicious software had been signed with valid certificates. The malicious software involved was used in targeted attacks focused on governments, political organizations and the defense industry. The big question is, of course, what happened, and how did the attackers obtain access to these certificates? We will explain here in detail how the attackers have used known techniques to bypass the Microsoft Windows code signing security model."

1 of 38 comments (clear)

Min score:

Reason:

Sort:

Re:Short answer by gatekeep · 2011-11-21 11:18 · Score: 1, Redundant

Fox-It is based in the Netherlands. This makes it likely that the author's native language is not English.
Would you be able to form a coherent thought in Dutch that a native speaker wouldn't find awkward?