Fake certificates open the door to attackers

imageDigital certificates are the basis of reputation-based security technologies, but if you can’t trust the authenticity of the certificates, they’re worse than worthless (because they give you a false sense of security). A Kaspersky Labs researcher says Windows doesn’t clearly indicate when a certificate has been tampered with – and that means malware authors can alter certificates and use them to get their malicious code into your network. This was brought into the spotlight when the Stuxnet worm last month used fake Verisign certificates. That certificate was revoked by Microsoft and Verisign so new software can’t be signed with it.

Read more here:


About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top