all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How Cybercriminals Misuse Code Signing Machine Identities

Add to bookmarks
June 21, 2022, 10:42 p.m. | brooke.crothers

Security Boulevard securityboulevard.com

How Cybercriminals Misuse Code Signing Machine Identities

brooke.crothers

Tue, 06/21/2022 - 15:42



  • 6 views



Attacks early in the software delivery process

If your pipeline doesn’t require digital signatures of all artifacts used to build your products, anyone could slip in a malicious change and the automation will incorporate that change and produce a malware-infected executable that you deliver to your customers.


Distributing malware in your company’s name

Cybercriminals steal code signing private keys from legitimate companies to sign their malicious …

code code signing cybercriminals identities machine machine identities signing

Visit resource

More from securityboulevard.com / Security Boulevard

Is Your Password Strong Enough? Brute Force Attack on the Rise! an hour ago | securityboulevard.com
access accounts advanced application security +27
USENIX Security ’23 – The Case for Learned Provenance Graph Storage Systems 11 hours ago | securityboulevard.com
access authors case channel +18
BreachRx Gets $6.5 Million to Automate Security Incident Response 11 hours ago | securityboulevard.com
automated incident response breaches breachrx building +34
What is CAS Integration? 13 hours ago | securityboulevard.com
akeyless businesses cybersecurity cybersecurity strategies +8
Brewing Trouble: How Nespresso’s Open Redirect Made Way for a Phishing Frenzy 13 hours ago | securityboulevard.com
attackers attacks blog careers +20
Randall Munroe’s XKCD ‘Pub Trivia’ 13 hours ago | securityboulevard.com
humor randall munroe sarcasm satire +3
Three Ways Organizations Can Overcome the Cybersecurity Skills Gap 13 hours ago | securityboulevard.com
can critical cybersecurity cybersecurity jobs +13
2024 Pen Testing Report 14 hours ago | securityboulevard.com
defense digital digital defense guides +6
A Step-by-Step Guide to Securely Upgrading Your EKS Clusters 14 hours ago | securityboulevard.com
agile best practices cloud cloud computing +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

L2-Network Security Administrator

@ Kyndryl | KIN51515 Mumbai (KIN51515) We Work
View on infosec-jobs.com

Head of Cybersecurity Advisory and Architecture

@ CMA CGM | Marseille, FR
View on infosec-jobs.com

Systems Engineers/Cyber Security Engineers/Information Systems Security Engineer

@ KDA Consulting Inc | Herndon, Virginia, United States
View on infosec-jobs.com

R&D DevSecOps Staff Software Development Engineer 1

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com
View more jobs