[Cryptography] Sony "root" certificates exposed
erwann at abalea.com
Mon Dec 15 16:26:45 EST 2014
2014-12-15 16:02 GMT+01:00 Henry Baker <hbaker1 at pipeline.com>:
> FYI --
> Also among the spoils in one of last week’s file dumps was a Sony Corp. CA
> 2 “root” certificate—-a digital certificate issued by Sony’s corporate
> certificate authority to Sony Pictures to be used in creating server
> certificates for Sony’s Information Systems Service (ISS) infrastructure.
> This may have been used to create the Sony Pictures certificate that was
> used to sign a later version of the malware that took the company’s
> computers offline.
Has the private key of the corresponding certificate leaked? If not, that's
no big deal, a certificate is public by nature.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography