×
  • Share
  • Email
  • Embed
  • Like
  • Private Content
 

Code Signing Debacle 2.0: A Hacked Adobe Server and Its Impact on Us All

by on Oct 08, 2012

  • 365 views

Adobe’s code-signing infrastructure got hacked and now you have to worry about some really bad software out there that your computers will think are valid, safe applications from Adobe. One of them ...

Adobe’s code-signing infrastructure got hacked and now you have to worry about some really bad software out there that your computers will think are valid, safe applications from Adobe. One of them is pwdump which gets Windows passwords. Ever since Flame, Randy Franklin Smith from Ultimate Windows Security, has been saying that if Microsoft’s update infrastructure got hacked, it was only be a matter of time before another vendor’s did too. And that’s what this is all about. The methods are different, but both boil down to exploiting mistakes Microsoft and Adobe made in their PKI used to sign code. The reason this is so impactful to an organization, is that it allows the bad guys to trick your systems into running malicious code that looks like it came from Adobe – but you get that right? It really stinks though because no matter how good you maintain your systems, you are still at the mercy of the security of your software vendors.
Download this presentation to learn:
• How can you stop this particular threat?
• How can you deploy some strategic technologies and controls to address the risk of compromised code signatures and vendor update infrastructures?
• How can you preemptively control your exposure to the mistakes of your software vendors and/or when they get hacked? (In all fairness no one is safe from getting breached.)

Statistics

Views

Total Views
365
Views on SlideShare
365
Embed Views
0

Actions

Likes
0
Downloads
4
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
Post Comment
Edit your comment

Code Signing Debacle 2.0: A Hacked Adobe Server and Its Impact on Us All Code Signing Debacle 2.0: A Hacked Adobe Server and Its Impact on Us All Presentation Transcript