all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Add to bookmarks
June 1, 2023, 4:15 p.m. | BrianKrebs

Security Boulevard securityboulevard.com

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since …

774748@gmail.com akafitis@gmail.com assurance bear breadcrumbs certificates code code signing certificates constella intelligence cybercriminal domaintools.com featar24 fitis flashpoint glavmed identity intel 471 konstantin evgenievich fetisov malware megatraffer ne'er-do-well news o.r.z. piece prize sign signing software spamit spampage@yandex.ru stealth stolen

Visit resource

More from securityboulevard.com / Security Boulevard

Breaking Down Cybersecurity: The Real Meaning Behind the Jargon 6 hours ago | securityboulevard.com
authenticity availability breaking cia +19
What is General Data Protection Regulation Act (GDPR)? 7 hours ago | securityboulevard.com
act adoption center challenges +32
Cloud Monitor Automation Improves K-12 Cybersecurity Training & Awareness 17 hours ago | securityboulevard.com
automation awareness chief cloud +28
USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware 20 hours ago | securityboulevard.com
access authors conference events +15
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656) 22 hours ago | securityboulevard.com
ant application customers cve +21
Understanding Cybersecurity Vulnerabilities 22 hours ago | securityboulevard.com
advice attacks can cybersecurity +12
Bridging the Gap: Uniting Development and AppSec 23 hours ago | securityboulevard.com
application security appsec aspm bridging the gap +20
Open-Source Software Security 1 day ago | securityboulevard.com
blog blog post cloud cloud-native +14
USENIX Security ’23 – Union Under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android … 1 day ago | securityboulevard.com
access android authors conference +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Principal Security Analyst - Threat Labs (Position located in India) (Remote)

@ KnowBe4, Inc. | Kochi, India
View on infosec-jobs.com

Cyber Security - Cloud Security and Security Architecture - Manager - Multiple Positions - 1500860

@ EY | Dallas, TX, US, 75219
View on infosec-jobs.com

Enterprise Security Architect (Intermediate)

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com

Vulnerability Management Team Lead - North Central region (Remote)

@ GuidePoint Security LLC | Remote in the United States
View on infosec-jobs.com
View more jobs