their slogan is The leader in Trust based Security
“Due to an operational oversight within Bit9, we failed to install our own product on a handful of computers within our network,” Chief Executive Patrick Morley wrote on Bit9’s blog. “As a result, a malicious third party was able to illegally gain temporary access to one of our digital code-signing certificates that they then used to illegitimately sign malware.”
Who issued that cert?I don’t think they are a signing authority…hmmm
There may be deep irony in this attack: While Bit9 has made a name for itself based on the reality that antivirus software cannot keep up with the tens of thousands of new malware variants being unleashed on the Internet each day [the company brags that Bit9 is the only security firm to stop both the Flame malware and the RSA breach attack, even before they were identified by traditional/legacy antivirus companies], there is a better than even chance that the malware signed with Bit9′s keys was first detected with traditional antivirus products. But only time will tell how the initial discovery really played out.