"Hackers Abusing Digital Certs Smuggle Malware past Security Scanners"
According to security researchers at the University of Maryland, hackers are using compromised digital code-signing certificates to sign malware in order to circumvent system security measures established for signature checking. This tactic is significant as the verification of a computer application’s authenticity and integrity is based on the digital signature. This article further discusses the discoveries made by the Maryland Cybersecurity Centre team in relation to the use of compromised certificates by hackers to bypass security protection mechanisms, along with what another study conducted by the Cyber Security Research Institute uncovered about code-signing certificates.
The Register reports "Hackers Abusing Digital Certs Smuggle Malware past Security Scanners"