Bleeping Computer

Microsoft Trusted Signing service abused to code-sign malware

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...
Bleeping Computer

Cybercrime service disrupted for abusing Microsoft platform to sign malware

Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing certificates used by ransomware ...
CSOonline

Microsoft disrupts malware code-signing service used by ransomware gangs

Cybercriminals paid between $5,000 and $9,000 to make their malware harder to detect on Windows, highlighting its effectiveness and a shift in how the cybercrime market operates. Microsoft has ...
Dark Reading

8 Strategies for Enhancing Code Signing Security

The recent news that hackers had breached remote access solution company AnyDesk shined a harsh light on the need for companies to take a long, hard look at code-signing practices to help ensure a ...
InfoWorld

Understanding Microsoft’s Trusted Signing service

How do we ensure that the code we’re installing is, at the very least, the code that a vendor shipped? The generally accepted solution is code signing, adding a digital signature to binaries that can ...