Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...

A new Zloader campaign exploits Microsoft's digital signature verification to deploy malware payloads and steal user credentials from thousands of victims from 111 countries. The campaign orchestrated ...

How do we ensure that the code we’re installing is, at the very least, the code that a vendor shipped? The generally accepted solution is code signing, adding a digital signature to binaries that can ...

Eighteen years ago, a code-signing issue with Small Business Server 2003 caused problems for early installations. Last week, a similar problem cropped up in Windows 11. Once upon a time in technology, ...

Security firms have reported that multiple hacking groups have been using drivers signed by Microsoft in a series of attacks, including the deployment of Cuba ransomware. That development matters ...

Microsoft has once again been caught allowing its legitimate digital certificates to sign malware in the wild, a lapse that allows the malicious files to pass strict security checks designed to ...

In July, security researchers revealed a sobering discovery: hundreds of pieces of malware used by multiple hacker groups to infect Windows devices had been digitally signed and validated as safe by ...

The pair of Outlook vulnerabilities we’ve been tracking have finally been patched, along with another handful of fixes this Patch Tuesday, a total of six being 0-day exploits. The third vulnerability ...

Whether you create your own code-signing certificate, or use a certificate from a certificate authority, it’s easy to give your Windows binaries the seal of approval. If you compile programs on ...