The Mystery of the Encrypted Gauss Payload

There are many remaining mysteries in the Gauss and Flame stories. For instance, how do people get infected with the malware? Or, what is the purpose of the uniquely named “Palida Narrow” font that Gauss installs? Perhaps the most interesting mystery is Gauss’ encrypted warhead. Gauss contains a module named “UsbDisk” that features an encrypted payload. The malware tries to decrypt this payload using several strings from the system and, upon success, executes it. Despite our best efforts, we were unable to break the encryption. So today we are presenting all the available information about the payload in the hope that someone can find a solution and unlock its secrets. We are asking anyone interested in cryptology and mathematics to join us in solving the mystery and extracting the hidden payload.

When Certificate Authority Business Models and Vendor Certificate Policies Clash

A very important “internet trust” discussion is underway that has been hidden behind closed doors for years and, in part, still is. While the Comodo, DigiNotar, and Verisign Certificate Authority breaches forced discussion and action into the open, this time the trigger for the “dissolution of trust” discussion seems to have been volunteered by Trustwave’s policy clarification, and followup discussions on Mozilla’s Bugzilla tracking and mozilla.dev.security.policy.

The SSL Sky is Falling?

With headlines like “New cyber threat compromises financial information – Experts say new threat could affect millions of sites”, you would think that the trust model of the internet has finally crumbled.

After an hour-long wait to view it, the Ekoparty demo of the SSL hack was staged. And it was interesting that the attack succeeded in cracking the SSL confidentiality model.

Lab Matters – Travel Tips: Stay Secure on the Road

For business travelers, using a laptop to stay connected, access business documents and connect to office resources is an absolute necessity. In this Lab Matters webcast, Kaspersky Lab malware researcher Stefan Tanase provides some general travel tips and advice to help protect you, your laptop and your corporate data while you are on the road.

A Web of (Mis)Trust?

At our international press tour held in Moscow in early February, we spoke about the dissolution of trust on the internet and discussed the possibility of Certificate Authority subversion and the impact of abused digital certificates.

This unfortunate moment is arriving sooner than we wanted. This past week, in another concrete example, the very foundation of trust on the web was shaken with the final coordination of an effort between a compromised Certificate Authority and web browser providers.

Secure connections: how secure are they?

The fact that it’s easy to encrypt a network channel and the fact that in most cases there will be no verification of who created the file results in a contradictory situation: a “secure connection” to a server provides the user with a feeling of security, but does not guarantee that the connection will be free from malicious data.