Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Kaspersky Warns that Undependable Security Certificates Doubled in 2014

Cybersecurity vendor Kaspersky Lab says that signing of malicious software (malware) by untrusted security certificates have doubled in number during the period of last year.

The antivirus database tracked more than 6,000 such certificates by the end of 2014 which are carrying potentially implications for corporate security policies.

Cbronline.com published news on 30th January, 2015 quoting a blog of Andrey Ladikov, Head of Strategic Research of Kaspersky, as "Many system administrators develop their corporate security policies by allowing users to launch only those files which are signed with a digital certificate. Moreover, some antivirus scanners automatically consider a file secured if it is signed with a valid digital certificate but this absolute trust of users on digitally signed certificates encourages cybercriminals to look for various ways to have their malicious files signed with the same trusted digital certificates to use them in their crimes."

Genuine certificates have become more prevalent since the turn of the millennium which is now around 110,000 in numbers and according to Kaspersky it is due to the loose system of checks involved in purchasing the items from a certification authority (CA).

Cybercriminals can use many other techniques to sign malware in addition to purchasing genuine certificates. A known and rare method involves compiling a piece of malware using a company's build server. Software compiled on these build servers is automatically signed with a digital certificate. These kind of attacks are not common because major software companies have proper security measures to protect their servers.

Specialized malware often steal private keys which can be lucrative because software signed by a reputable developer does not attract suspicion. Kaspersky said that major companies keep private keys on dedicated hardware modules forcing cyber crooks to divert their focus their attention on smaller companies whose networks might not be very secure.

On the other hand, malicious attackers take over a web installer for legal software and change the link enabling the downloading of a different distribution kit and then the malware is downloaded and installed on the system of the user.

Kaspersky recommended the restriction of launch of software programs to only those from a reputed manufacturer as one way to minimize the threat of attack.

ยป SPAMfighter News - 2/9/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next