Ars Technica

In blunder threatening Windows users, D-Link publishes code-signing key

[url=http://arstechnica.com/civis/viewtopic.php?p=29776313#p29776313:2vcsi9o2 said: smartbucket[/url]":2vcsi9o2] He said the key is accepted by Microsoft Windows code ...
Bleeping Computer

Malware now using NVIDIA's stolen code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they ...
Bleeping Computer

Hackers exploit Windows policy to load malicious kernel drivers

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy ...
Threat Post

NVIDIA’s Stolen Code-Signing Certs Used to Sign Malware

NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines. Two of NVIDIA’s code-signing certificates ...
CSOonline

Nvidia hackers release code-signing certificates that malware can abuse

The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company’s old code-signing certificates. Researchers warn the drivers could be used to ...
InfoWorld

Understanding Microsoft’s Trusted Signing service

How do we ensure that the code we’re installing is, at the very least, the code that a vendor shipped? The generally accepted solution is code signing, adding a digital signature to binaries that can ...
Network World

Using code signing to secure mobile apps

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. Smartphone users download ...

Tag: code signing

Microsoft fixed a Defender false positive that flagged legitimate DigiCert certificates as malware, disrupting Windows trust ...
Ars Technica

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing ...
Computer Weekly

GitHub warns Desktop, Atom users after code-signing certificates pinched

GitHub has issued an urgent warning to users of its Desktop for Mac and Atom text editor applications after an unauthorised actor broke into its systems and stole two encrypted DigiCert code-signing ...
Network World

Chapter 4: Code Signing

In an effort to learn how to sign PowerShell scripts and configuration files, you have searched the Internet, read several blogs about code signing, reviewed the PowerShell documentation, and even ...