all InfoSec news
Leaked Signing Keys Are Being Used to Sign Malware
Dec. 8, 2022, 12:08 p.m. | Bruce Schneier
Schneier on Security www.schneier.com
A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware.
Łukasz Siewierski, a member of Google’s Android Security Team, has a post on the Android Partner Vulnerability Initiative (AVPI) issue tracker detailing leaked platform certificate keys that are actively being used to sign malware. The post is just a list of the keys, but running each one through APKMirror or Google’s VirusTotal site will put names to some of …
More from www.schneier.com / Schneier on Security
Dan Solove on Privacy Regulation
1 day, 22 hours ago |
www.schneier.com
Microsoft and Security Incentives
2 days, 22 hours ago |
www.schneier.com
Using Legitimate GitHub URLs for Malware
3 days, 18 hours ago |
www.schneier.com
Friday Squid Blogging: Squid Trackers
6 days, 12 hours ago |
www.schneier.com
X.com Automatically Changing Link Text but Not URLs
1 week, 2 days ago |
www.schneier.com
New Lattice Cryptanalytic Technique
1 week, 3 days ago |
www.schneier.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cyber Security Cloud Solution Architect
@ Microsoft | London, London, United Kingdom
Compliance Program Analyst
@ SailPoint | United States
Software Engineer III, Infrastructure, Google Cloud Security and Privacy
@ Google | Sunnyvale, CA, USA
Cryptography Expert
@ Raiffeisen Bank Ukraine | Kyiv, Kyiv city, Ukraine
Senior Cyber Intelligence Planner (15.09)
@ OCT Consulting, LLC | Washington, District of Columbia, United States