Cybercriminals are abusing Microsoft’s Trusted Signing service by using the platform’s three-day certificates to code-sign malware. These signed malware are more likely to bypass security filters and can look like legitimate programs. While obtaining certificates via this platform is easier than getting Extended Validation (EV) certificates, researchers assert that the ambiguity over EV certificates has made the Trusted Signing service an attractive alternative for threat actors. Microsoft said it uses threat intelligence monitoring to find and revoke misused certificates and suspend accounts.
News – Masimo reports cyber incident affecting production sites – teiss
Masimo has reported a cyber incident that has impacted its production sites. The company is currently assessing the situation to understand the extent of the
