How do you know the code you’re using can be trusted? It’s a very important question – organizations and developers need to know code is genuine and hasn’t been tampered with, or they could risk ...

There are lots of ways to ensure the success of an advanced hacking operation. For a gang called Suckfly, one of the keys is having plenty of stolen code-signing certificates on hand to give its ...

NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines. Two of NVIDIA’s code-signing certificates ...

The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company’s old code-signing certificates. Researchers warn the drivers could be used to ...

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they ...

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...

From IRS tax scams to business email compromises, fraudsters impersonating authority figures are a well-known hazard for online users. However, impersonation is also becoming an increasingly used ...

The Linux Foundation's sigstore code-signing software, developed with Google, Red Hat and Purdue University, will help prevent attacks on the software supply chain. The Linux Foundation has launched a ...

Whether you create your own code-signing certificate, or use a certificate from a certificate authority, it’s easy to give your Windows binaries the seal of approval. If you compile programs on ...