Show in Graph
Common Information
Type Value
Value 
Code Signing Certificates - T1587.002
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may create self-signed code signing certificates that can be used during targeting. Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted. Code signing provides a level of authenticity for a program from the developer and a guarantee that the program has not been tampered with.(Citation: Wikipedia Code Signing) Users and/or security tools may trust a signed piece of code more than an unsigned piece of code even if they don't know who issued the certificate or who the author is. Prior to [Code Signing](https://attack.mitre.org/techniques/T1553/002), adversaries may develop self-signed code signing certificates for use in operations.
Details Published Attributes CTI Title
Details Website 2023-03-09 38 DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection | Deep Instinct
Details Website 2023-03-06 3 Your Guide to Secure Code Signing: Four Steps to Get Started
Details Website 2023-03-06 0 Journey Into Cybersecurity: What are Certificates?
Details Website 2023-03-02 199 Russia/Ukraine Update - February 2023
Details Website 2023-03-01 103 BlackLotus UEFI bootkit: Myth confirmed | WeLiveSecurity
Details Website 2023-02-24 0 Checking your Mac for viruses. Wait, what?
Details Website 2023-02-21 0 Best Web Application Security Techniques 2023
Details Website 2023-02-16 1 Emsisoft says hackers are spoofing its certs to breach networks - RedPacket Security
Details Website 2023-02-06 0 Tips for Boosting your Organisation’s Security Posture with Encryption | IT PRO
Details Website 2023-01-30 2 Action needed for GitHub Desktop and Atom users | The GitHub Blog
Details Website 2023-01-13 1 These hackers used Microsoft-signed malicious drivers to further their ransomware attacks | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
Details Website 2023-01-13 2 Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
Details Website 2022-12-26 0 Comparison Analysis: Code Signing Vs. SSL Certificate
Details Website 2022-12-24 0 Cuba Ransomware Gang Abused Microsoft Certificates to Sign Malware | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
Details Website 2022-12-20 133 Russia/Ukraine Update - December 2022
Details Website 2022-12-14 2 Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems
Details Website 2022-12-14 0 Cuba ransomware group used Microsoft developer accounts to sign malicious drivers
Details Website 2022-12-13 0 Ransomware Gang Abused Microsoft Certificates to Sign Malware
Details Website 2022-12-13 19 Signed driver malware moves up the software trust chain
Details Website 2022-12-13 15 I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant
Details Website 2022-12-02 10 Leaked Android Platform Certificates Create Risks for Users | Rapid7 Blog
Details Website 2022-11-29 132 Russia/Ukraine Update - November 2022
Details Website 2022-11-24 0 DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
Details Website 2022-11-21 2 Who needs a Code Signing Certificate?
Details Website 2022-11-17 5 DEV-0569 finds new ways to deliver Royal ransomware, various payloads - Microsoft Security Blog