Is this a Series Global Cyber Attack Occurring Before Us? « Mark Curphey

Is this a Series Global Cyber Attack Occurring Before Us?

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA1

Ok, so to sum up the two emails below:

1. Fedora’s package signing box was compromised by unknown parties.

Fedora does not think the key’s passphrase was compromised however. They are changing their keys.

2. RedHat’s package signing key was used to sign trojaned OpenSSH packages. RedHat does not think these were distributed via the Red Hat Network auto-update service.

http://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html

http://rhn.redhat.com/errata/RHSA-2008-0855.html

- -dave

—–BEGIN PGP SIGNATURE—–

Version: GnuPG v1.4.6 (GNU/Linux)

Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIrsehtehAhL0gheoRAkuqAJ4mvzv4G4ecq0lhqkBVrZLzvO5mAACfVwIc

Q4GJxw1kSvTKUMXlYsNfOWo=

=X5qc

—–END PGP SIGNATURE—–

_______________________________________________

Dailydave mailing list

Dailydave@lists.immunitysec.com

http://lists.immunitysec.com/mailman/listinfo/dailydave

Explore posts in the same categories: Information Security Economics, Spies

This entry was posted on August 22, 2008 at 5:06 pm and is filed under Information Security Economics, Spies. You can subscribe via RSS 2.0 feed to this post's comments. You can comment below, or link to this permanent URL from your own site.

Mark Curphey - SecurityBuddha.com

Is this a Series Global Cyber Attack Occurring Before Us?

Comment: