Tag Archives: University of Maryland

Criminals sell counterfeit certificates to make malware look legitimate

Posted on by

Enterprising cybercriminals are selling counterfeit digital certificates that allow hackers to disguise their malware as legitimate software, according to a new report from the cybersecurity firm Recorded Future. The fraudulent files, which act like valid code signing certificates, render malware invisible to a large number of anti-virus engines. “It’s not a cheap commodity,” said Andrei Barysevich, Recorded Future’s director of advanced collection. “But once you sign a payload with the certificate, then the file becomes pretty much undetectable by any antivirus out there.” Barysevich’s team found a small group of independent vendors in the Eastern European cybercrime markets selling counterfeit code signing certificates to Russian-speaking customers. The fake certificates are not stolen from legitimate owners but are instead created using real information that can deliver a unique, working and effectively real certificate to hackers willing to pay. A 2017 paper from the University of Maryland highlighted the issue and showed that digitally […]

The post Criminals sell counterfeit certificates to make malware look legitimate appeared first on Cyberscoop.

Continue reading Criminals sell counterfeit certificates to make malware look legitimate

Assessing Weaknesses in Public Key Infrastructure

Posted on by

Academic researchers size up weaknesses in the the code-signing Public Key Infrastructure and highlight three types of flaws. Continue reading Assessing Weaknesses in Public Key Infrastructure

Google’s reCaptcha Cracked Again

Posted on by

Google’s reCaptcha service has been cracked by researchers who devised an automated attack called unCaptcha that can break the service with 85 percent accuracy. Continue reading Google’s reCaptcha Cracked Again