Banking trojan with a DIGITAL CERTIFICATE
Security researchers have discovered a banking Trojan that comes with its own built-in digital certificate.
The Brazilian banking password-sniffer was signed with a valid digital certificate issued by DigiCert, MalwareBytes reports. DigiCert responded promptly to inquiries by El Reg to confirm it had a had pulled the offending certificate, which it said had been issued to a legally registered business.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump