ioc[.]one - OSINT Cyber Threat Intelligence Database

Show in Graph

Common Information

Type	Value
Value	Code Signing - T1553.002
Category	Attack-Pattern
Type	Mitre-Attack-Pattern
Misp Type	Cluster
Description	Adversaries may create, acquire, or steal code signing materials to sign their malware or tools. Code signing provides a level of authenticity on a binary from the developer and a guarantee that the binary has not been tampered with. (Citation: Wikipedia Code Signing) The certificates used during an operation may be created, acquired, or stolen by the adversary. (Citation: Securelist Digital Certificates) (Citation: Symantec Digital Certificates) Unlike [Invalid Code Signature](https://attack.mitre.org/techniques/T1036/001), this activity will result in a valid signature. Code signing to verify software on first run can be used on modern Windows and macOS systems. It is not used on Linux due to the decentralized nature of the platform. (Citation: Wikipedia Code Signing)(Citation: EclecticLightChecksonEXECodeSigning) Code signing certificates may be used to bypass security policies that require signed code to execute on a system.

Details		Published	Attributes	Title
Details	Website	2022-10-27	2	How to Solve Code Signing Certificate Expiration Issues?
Details	Website	2022-10-27	8	Where is the Origin QAKBOT Uses Valid Code Signing
Details	Website	2022-10-27	5	Where is the Origin QAKBOT Uses Valid Code Signing
Details	Website	2022-10-26	116	Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Details	Website	2022-10-24	12	Best Malware Analysis Tools List For Malware Analyst - 2022
Details	Website	2022-10-24	0	Cloud Native Security: What Does It Really Mean? – Lets learn something new
Details	Website	2022-10-24	0	SBOMs are critical to software supply chain security — but only the first step in your journey
Details	Website	2022-10-18	10	Things to Know about Sectigo Code Signing Certificate
Details	Website	2022-10-13	2	What is the Time Taken for Issuance of Code Signing Certificates?
Details	Website	2022-10-12	549	A plumber connected his USB drive to my pc without my permission - Virus, Trojan, Spyware, and Malware Removal Help
Details	Website	2022-10-12	1	Cyberespionage. C2C market offerings. The CISO's place, post-Uber. Hybrid war update. Patch Tuesday notes.
Details	Website	2022-10-11	18	October 2022 Patch Tuesday \| Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities with 17 Critical. \| Qualys Security Blog
Details	Website	2022-10-10	3	Introducing Keyfactor Signum: A New Signing as a Service Platform
Details	Website	2022-10-10	0	Eternity threat group’s LilithBot: A criminal multitool
Details	Website	2022-10-10	2	What is Adobe Code Signing Certificate? [A Detailed Guide]
Details	Website	2022-10-07	2	What is Microsoft Authenticode Code Signing Certificate? [A Detailed Guide]
Details	Website	2022-10-06	4	What is Java Code Signing Certificate [A Detailed Guide]
Details	Website	2022-10-06	15	Evolution of BazarCall Social Engineering Tactics
Details	Website	2022-10-06	15	Evolution of BazarCall Social Engineering Tactics
Details	Website	2022-10-06	15	Evolution of BazarCall Social Engineering Tactics
Details	Website	2022-10-05	30	Analysis of LilithBot Malware and Eternity Threat Group \| Zscaler
Details	Website	2022-10-04	2	Developer account body snatchers pose risks to the software supply chain
Details	Website	2022-10-04	2	Best Code Signing Certificates to Buy from Global Trusted Certificate Authorities
Details	Website	2022-10-03	0	Shining New Light on an Old ROM Vulnerability: Secure Boot Bypass via DCD and CSF Tampering on NXP i.MX Devices
Details	Website	2022-10-03	2	What is Enterprise Code Signing Certificate [A Detailed Guide]