Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Malware "Whitelisted" Following Hack of Bit9->

Submitted by
chicksdaddy
chicksdaddy writes "Application 'whitelisting' offers an alternative to signature based malware protection. Rather than trying to spot the bad guys, the thinking goes, just identify a list of approved (whitelisted) applications, then block everything else.
But what happens when the whitelist, itself, becomes compromised? That’s the scenario that’s playing out with customers of whitelisting firm Bit9, which acknowledged a breach of its corporate network that allowed unknown assailants to gain control of an application code signing server. (https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/) The incident began with compromises of machines on Bit9's network that were not running Bit9's software — something that Bit9 encourages its own customers not to do. The company's acknowledgement came after Bit9 was contacted regarding the breach by Brian Krebs of Krebsonsecurity.com, which broke the news Friday. (http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/)"

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Malware "Whitelisted" Following Hack of Bit9

Comments Filter:

You can not win the game, and you are not allowed to stop playing. -- The Third Law Of Thermodynamics

Working...