Very interesting article, it does underline the importance of using application whitelisting and protecting your systems, but this is definitely a black eye Bit9 doesn’t need.
Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
[email protected]

This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you.

From: Crawford, Scott [mailto:[email protected]]
Sent: Sunday, February 10, 2013 5:03 PM
To: NT System Admin Issues
Subject: RE: Security Firm Bit9 Hacked, Used to Spread Malware

fair enough. Next step: spin - "see what happens when you don't use our product?" :)

Sent from my Windows Phone
________________________________
From: Andrew S. Baker
Sent: 2/10/2013 3:27 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

The reporting was vague, but Bit9 was more clear in their own blog.

https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/

In brief, here is what happened. Due to an operational oversight within Bit9, we failed to install our own product on a handful of computers within our network. As a result, a malicious third party was able to illegally gain temporary access to one of our digital code-signing certificates that they then used to illegitimately sign malware. There is no indication that this was the result of an issue with our product. Our investigation also shows that our product was not compromised.

ASB
http://XeeMe.com/AndrewBaker
Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…

On Sun, Feb 10, 2013 at 2:03 PM, Crawford, Scott <[email protected]> wrote:

You could interpret that sentence two ways:

A: We didn’t have it installed on the compromised systems.
B: It was installed, but did not protect them.

B says the software doesn’t work. A says there was simply a mistake made. Phrasing it like they did, allows B to be true, while implying A.

From: Andrew S. Baker [mailto:[email protected]]
Sent: Saturday, February 9, 2013 9:51 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

>>The company said attackers managed to compromise some of Bit9's systems that
>>were not protected by the company’s own software.

And this was because of... ?

ASB
http://XeeMe.com/AndrewBaker
Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…

On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman <[email protected]> wrote:

Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms, has suffered an electronic compromise that cuts to the core of its business: helping clients distinguish known "safe" files from computer viruses and other malicious software.

OUCH !

More at:
http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/

Warm regards,
Stu

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected] with the body: unsubscribe ntsysadmin
