Smoke and (screen) mirrors: A strange signed backdoor
Credit to Author: Matt Wixey| Date: Tue, 09 Apr 2024 19:08:05 +0000
Sophos X-Ops discovers a curious backdoored (and signed) executable, masquerading as something else entirely
Read morecertificate
Let’s Encrypt to revoke “mis-issued” certificates
Credit to Author: Christopher Boyd| Date: Thu, 27 Jan 2022 21:44:42 +0000
 | |
| In one day’s time, Let’s Encrypt will begin revoking a number of mis-issued certificates. Check now if you’re affected Categories: Privacy Tags: certificatesecuritySSLTLSwebsite |
The post Let’s Encrypt to revoke “mis-issued” certificates appeared first on Malwarebytes Labs.
Read moreHorseDeal Riding on The Curveball!
Credit to Author: Jayesh kulkarni| Date: Wed, 05 Feb 2020 06:17:49 +0000
It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could…
Read moreDubious downloads: How to check if a website and its files are malicious
Credit to Author: Pieter Arntz| Date: Tue, 07 Jan 2020 17:45:08 +0000
 | |
| Users often search the web for downloads when companies no longer support software, and what they find is dubious. How can they tell if the files are safe? We tell how to spot the difference. Categories: Tags: certificatechecksumdownloadpadlockscantrusted |
The post Dubious downloads: How to check if a website and its files are malicious appeared first on Malwarebytes Labs.
Read moreDNSSEC: why do we need it?
Credit to Author: Pieter Arntz| Date: Mon, 27 Feb 2017 18:00:54 +0000
 | |
| We take a look at what DNSSEC is and why we need it. Plus an overview of how far the implementation has progressed in the Netherlands based on a SIDN report. Categories: Tags: authenticationcertificatednssecdomain name securityPieter Arntz |
The post DNSSEC: why do we need it? appeared first on Malwarebytes Labs.
Read more