Dark Reading

8 Strategies for Enhancing Code Signing Security

The recent news that hackers had breached remote access solution company AnyDesk shined a harsh light on the need for companies to take a long, hard look at code-signing practices to help ensure a ...
Business Wire

AppViewX SIGN+ Bolsters Software Supply Chain Security by Ensuring the Authenticity and Integrity of Code

NEW YORK--(BUSINESS WIRE)--AppViewX, the leader in automated machine identity management (MIM) and application infrastructure security, today launched AppViewX SIGN+, a flexible and secure code ...
Bleeping Computer

Microsoft Trusted Signing service abused to code-sign malware

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...
Morning Overview on MSN

The TanStack supply chain attack hit OpenAI — hackers reached two employee devices and forced the company to rotate all its code-signing certificates

When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...
Redmondmag.com

Microsoft Disrupts Fox Tempest Malware-Signing Service Used in Ransomware Attacks

Microsoft has disrupted a cybercrime service that allegedly helped ransomware operators and other attackers make malware appear as verified software, the company said last week.
Bleeping Computer

Hackers exploit Windows policy to load malicious kernel drivers

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy ...