A new email malware campaign includes a knock-off certificate that computer users can believe in – and an attached file with explicit instructions for how to get their computers infected.
The post Malware: Just believe and follow our directions appeared first on Avira Blog.
A new email malware campaign includes an attached file with explicit instructions for the recipients describing the steps how to get their computers infected.
The post To get infected, follow the directions appeared first on Avira Blog.
Weeks after a serious problem in the Chromodo browser were disclosed, Google’s Project Zero disclosed a separate privilege escalation issue in Comodo Internet Security introduced by the GeekBuddy support app.
Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses.
Another shady piece of adware called PrivDog has been unearthed with a similar Superfish-type vulnerability that breaks SSL connections.
Microsoft is considering adding public-key pinning–an important defense against man-in-the-middle attacks–to Internet Explorer. The feature is designed to help protect users against the types of MITM attacks that rely on forged certificates, which comprise a large portion of those attacks. Attackers use forged or stolen certificates to trick victims’ browsers into trusting a malicious site […]