Threat Post

NVIDIA’s Stolen Code-Signing Certs Used to Sign Malware

NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines. Two of NVIDIA’s code-signing certificates ...
Ars Technica

In blunder threatening Windows users, D-Link publishes code-signing key

[url=http://arstechnica.com/civis/viewtopic.php?p=29776313#p29776313:2vcsi9o2 said: smartbucket[/url]":2vcsi9o2] He said the key is accepted by Microsoft Windows code ...
Bleeping Computer

Hackers exploit Windows policy to load malicious kernel drivers

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy ...
Ars Technica

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing ...
techtimes

Microsoft Dismantles Fox Tempest: Ransomware Groups Paid Up to $9,500 to Fake Windows Software Signatures

Microsoft's Digital Crimes Unit unsealed a civil lawsuit on May 19 in U.S. District Court for the Southern District of New York targeting Fox Tempest, a criminal operation that sold fraudulently ...