InfoWorld

Understanding Microsoft’s Trusted Signing service

How do we ensure that the code we’re installing is, at the very least, the code that a vendor shipped? The generally accepted solution is code signing, adding a digital signature to binaries that can ...
Redmond Magazine

Microsoft Disrupts Fox Tempest Malware-Signing Service Used in Ransomware Attacks

Microsoft disrupted Fox Tempest's malware-signing service used to legitimize ransomware attacks. Fraudulent code-signing certificates helped malware bypass trust signals and security checks.
InfoWorld

How to code sign binaries on Windows

Whether you create your own code-signing certificate, or use a certificate from a certificate authority, it’s easy to give your Windows binaries the seal of approval. If you compile programs on ...
Ars Technica

Microsoft signing keys keep getting hijacked, to the delight of Chinese threat actors

In July, security researchers revealed a sobering discovery: hundreds of pieces of malware used by multiple hacker groups to infect Windows devices had been digitally signed and validated as safe by ...
Network World

Chapter 4: Code Signing

In an effort to learn how to sign PowerShell scripts and configuration files, you have searched the Internet, read several blogs about code signing, reviewed the PowerShell documentation, and even ...
Hackaday

This Week In Security: Microsoft Patches, Typosquatting Continues, And Code Signing For All

The pair of Outlook vulnerabilities we’ve been tracking have finally been patched, along with another handful of fixes this Patch Tuesday, a total of six being 0-day exploits. The third vulnerability ...