[ISN] Bit9 says attack likely targeted a narrow set of companies

https://www.computerworld.com/s/article/9236670/Bit9_says_attack_likely_targeted_a_narrow_set_of_companies By Jeremy Kirk IDG News Service February 10, 2013 Security vendor Bit9 promised to release limited details of a hack caused by a failure of the company to install the same security software on its own network that it sells to a handful of Fortune 500 companies. Bit9, which is based in Waltham, Massachusetts, provides a platform that aims, among other functions, to block the installation of malicious applications. Although its product was not compromised, hackers found a weakness in company servers that issue code-signing certificates. Once compromised, the hackers issued certificates for their own malicious software, which was then found on the networks of three Bit9 customers. Bit9 doesn’t list its customers by name on its website. But it says more than 1,000 companies use its software, including Fortune 500 companies in banking, energy, aerospace and defense and U.S. federal government agencies. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org