all InfoSec news
How Cybercriminals Misuse Code Signing Machine Identities
June 21, 2022, 10:42 p.m. | brooke.crothers
Security Boulevard securityboulevard.com
How Cybercriminals Misuse Code Signing Machine Identities
brooke.crothers
Tue, 06/21/2022 - 15:42
- 6 views
Attacks early in the software delivery process
If your pipeline doesn’t require digital signatures of all artifacts used to build your products, anyone could slip in a malicious change and the automation will incorporate that change and produce a malware-infected executable that you deliver to your customers.
Distributing malware in your company’s name
Cybercriminals steal code signing private keys from legitimate companies to sign their malicious …
code code signing cybercriminals identities machine machine identities signing
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
L2-Network Security Administrator
@ Kyndryl | KIN51515 Mumbai (KIN51515) We Work
Head of Cybersecurity Advisory and Architecture
@ CMA CGM | Marseille, FR
Systems Engineers/Cyber Security Engineers/Information Systems Security Engineer
@ KDA Consulting Inc | Herndon, Virginia, United States
R&D DevSecOps Staff Software Development Engineer 1
@ Sopra Steria | Noida, Uttar Pradesh, India