Infosecurity-magazine.com

Code Signing: How to Respond to the Hidden Threat

How do you know the code you’re using can be trusted? It’s a very important question – organizations and developers need to know code is genuine and hasn’t been tampered with, or they could risk ...
Forbes

Code Signing -- A New Attack Vector With Growing Popularity

The world is quickly moving toward a reality where almost everything is powered by software. This is the realization of the internet of things, which already includes cars, watches, medical devices, ...
CSOonline

Windows code-signing attacks explained (and how to defend against them)

Code signing is a mechanism by which software manufacturers assure their consumers that they are running legitimate software, signed by its manufacturer via cryptography. This ensures that the ...
Forbes

Code Signing: Did Someone Hijack Your Software?

Imagine that, for whatever reason, you hear you’re the target of an elite cyber-mafia. You don’t take it seriously until you’re driving down the freeway and suspect someone has tampered with your ...
Bleeping Computer

Microsoft Trusted Signing service abused to code-sign malware

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...
Bleeping Computer

Malware now using NVIDIA's stolen code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they ...
CSOonline

Nvidia hackers release code-signing certificates that malware can abuse

The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company’s old code-signing certificates. Researchers warn the drivers could be used to ...