Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Security

Submission + - Malware "Whitelisted" Following Hack of Bit9 (securityledger.com)

chicksdaddy writes: "Application 'whitelisting' offers an alternative to signature based malware protection. Rather than trying to spot the bad guys, the thinking goes, just identify a list of approved (whitelisted) applications, then block everything else.
But what happens when the whitelist, itself, becomes compromised? That’s the scenario that’s playing out with customers of whitelisting firm Bit9, which acknowledged a breach of its corporate network that allowed unknown assailants to gain control of an application code signing server. (https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/) The incident began with compromises of machines on Bit9's network that were not running Bit9's software — something that Bit9 encourages its own customers not to do. The company's acknowledgement came after Bit9 was contacted regarding the breach by Brian Krebs of Krebsonsecurity.com, which broke the news Friday. (http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/)"

Slashdot Top Deals

Heuristics are bug ridden by definition. If they didn't have bugs, then they'd be algorithms.

Working...