#code-signing

[ follow ]
#malware #cloud-c2-evasion #gemini-siri #notepad #update-vulnerability #supply-chain-attack #devsecops
fromThe Hacker News
2 weeks ago

ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

Unlike typical malware that steals certificates, BaoLoader's operators are known to register legitimate businesses in Panama and Malaysia specifically to purchase valid code-signing certificates from major certificate authorities to sign their payloads. "With these certificates, their malware appears trustworthy to both users and security tools, allowing them to operate largely undetected while being dismissed as merely potentially unwanted programs (PUPs)," ReliaQuest said. The malware, once launched, abuses "node.exe" to run malicious JavaScript for reconnaissance, in-memory command execution, and backdoor access.
Information security
fromTechzine Global
1 month ago

Vulnerability in Notepad++ updater exploited for malware

A security vulnerability in the Notepad++ update mechanism has been exploited to spread malicious code. What began as a report within the Notepad++ community at the end of October was later confirmed to be a structural weakness in the updater. Analysis by BleepingComputer shows that attackers were able to execute malware via this mechanism. Notepad++ has since released a fix in version 8.8.9.
Information security
Information security
fromDevOps.com
7 months ago

Code Signing in the DevOps Era: Silver Bullet or Security Theater? - DevOps.com

Code signing requires effective management and controls to be a true security measure, or it creates a false sense of security.
[ Load more ]