Yesterday we reported on a ransomware attack that impacted PC and component manufacturer MSI. When MSI disclosed the attack, they claimed there was no significant impact, but failed to consider that most, if not all, modern ransomware attacks also incorporate exfiltration techniques to ensure a ransom is paid. In this case, the group Money Message had exfiltrated a claimed 1.5TB of data that included firmware, source code, and databases. This sounds a bit significant at this point.

A second Linux distro has joined the Microsoft Secure Boot party. You see, Microsoft has come up with what they are calling UEFI Secure Boot. UEFI Secure Boot is somewhat controversial in that, once set up, it will only allow signed versions of an OS to be installed. This means that if a computer is shipped from an OEM with Windows 8 and UEFI Secure Boot on, you could not install a generic version of Linux or indeed any other OS, including Windows 7, etc. This would effectively lock someone into using Windows 8 only on these devices. This block would include even downgrading your new system to Windows 7.

We told you about the new malware threat in Iran (and some other Middle Eastern countries). This is a new and very sophisticated bit of spyware that appears designed to gather intelligence about the state of Iran’s nuclear program. Kaspersky discovered the worm after being asked to check some systems that appeared to be acting strangely. This investigation led to the discovery of Flame and the identification of some 20 plug-ins for the malware that can do everything from capturing screens to turning on a system’s microphone to record anything around the system. It is also able to record VoIP communication through applications like Skype.

