Hi Guys,
>From "Reworked Version of Stuxnet Relative Duqu Found in Iran,"
http://www.securitynewsdaily.com/1642-stuxnet-duqu-iran.html:
Duqu's builders also changed its encryption algorithm and
rigged the malware loader to pose as a Microsoft driver.
(The old driver was signed with a stolen Microsoft certificate.)
Is the stolen certificate related to Diginotar or some other incident?
Microsoft claims Diginotar issued certificates are inert
(http://www.computerworld.com/s/article/9219729/Microsoft_Stolen_SSL_certs_can_t_be_used_to_install_malware_via_Windows_Update).
Perhaps "Stolen encryption key the source of compromised certificate
problem, Symantec says,"
http://computerworld.co.nz/news.nsf/security/stolen-encryption-key-the-source-of-compromised-certificate-problem-symantec-says?
Jeff
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
