Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
CSOonline

Windows code-signing attacks explained (and how to defend against them)

Code signing is a mechanism by which software manufacturers assure their consumers that they are running legitimate software, signed by its manufacturer via cryptography. This ensures that the ...
Forbes

Code Signing -- A New Attack Vector With Growing Popularity

The world is quickly moving toward a reality where almost everything is powered by software. This is the realization of the internet of things, which already includes cars, watches, medical devices, ...
Bleeping Computer

Malware now using NVIDIA's stolen code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they ...
CSOonline

Nvidia hackers release code-signing certificates that malware can abuse

The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company’s old code-signing certificates. Researchers warn the drivers could be used to ...