When the sophisticated state-sponsored espionage tool known as Flame was exposed last year, no one was more concerned about the discovery than Microsoft, after realizing that the tool was signed with a modified Microsoft certificate to verify its trustworthiness to victim machines and that the attackers also exploited the Windows Update feature to deliver it to targeted machines. Then a research team at Microsoft conducted some tests to recreate the steps attackers would need to take and discovered that it would in fact take just three days to repeat the Windows Update and certificate portion of the attack to deliver other signed malware to victim machines.
via Wired Top Stories http://feeds.wired.com/~r/wired/index/~3/kJvvbMjtkuc/
via Wired Top Stories http://feeds.wired.com/~r/wired/index/~3/kJvvbMjtkuc/
Nessun commento:
Posta un commento