all InfoSec news
Leaked Signing Keys Are Being Used to Sign Malware
Dec. 8, 2022, 12:08 p.m. | Bruce Schneier
Security Boulevard securityboulevard.com
A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware.
Łukasz Siewierski, a member of Google’s Android Security Team, has a post on the Android Partner Vulnerability Initiative (AVPI) issue tracker detailing leaked platform certificate keys that are actively being used to sign malware. The post is just a list of the keys, but running each one through APKMirror or Google’s VirusTotal site will put names to some of …
android keys leaked leaks malware mobile security sign signing
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Azure Security Architect
@ First Quality | Remote US - Eastern or Central Timezone
Senior Security Engineer
@ LRQA | Birmingham, GB, B37 7ES
Product Security Intern
@ Sinch | Chicago, Illinois, United States
Cyber Support Engineer
@ Darktrace | New York