Yeah, I did -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Larry Seltzer Sent: Wednesday, September 12, 2007 3:26 PM To: Paul Ferguson; [email protected] Subject: RE: [funsec] Sunbelt: Gromozon Malware Digitally Signed by Thawte
Has anyone reported it to Thawte? VeriSign has a page on which you can rat out code-signing cert abusers: https://www.verisign.com/support/code-signing-support/code-signing-misus e/index.html Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.eweek.com/cheap_hack/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Ferguson Sent: Wednesday, September 12, 2007 3:01 PM To: [email protected] Subject: [funsec] Sunbelt: Gromozon Malware Digitally Signed by Thawte -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wow. It's stuff like this that sometimes makes you just throw your hands in the air. http://sunbeltblog.blogspot.com/2007/09/for-shame-thawte-trusts-gromozon .ht ml - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFG6DdXq1pz9mNUZTMRAumHAJ97UYYz2VHGjDJcWhZhevhYWv7FGgCgt7Zm nT8Ek+UFs5/dQKHfWqbvAqI= =TBtd -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
