Recently, GitHub, a popular online platform for software development collaboration, revealed that some hackers cloned code-signing certificates in a breached repository. Code-signing certificates are used for digitally signing applications and programs to verify that the program is from a trusted source and should be trusted to install and run. In the statement, GitHub admitted that… Continue reading GitHub says hackers cloned code-signing certificates in breached repository
Category: certificates
Microsoft digital certificates have once again been abused to sign malware
On October 14th, 2020, malicious actors once again took advantage of Microsoft digital certificates to sign dangerous malware. According to security research firm Morphisec, the attackers abused trusted certificates issued by Microsoft to sign malware in order to circumvent security measures. The malicious code was signed with a certificate issued by Microsoft Office and the… Continue reading Microsoft digital certificates have once again been abused to sign malware