Tighten Pro - Tighten Pro Mac: To bypass code-signing checks, malware gang steals lots of certificates | Ars Technica C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

3.20.2016

Mac Developer: To bypass code-signing checks, malware gang steals lots of certificates | Ars Technica

To bypass code-signing checks, malware gang steals lots of certificates | Ars Technica "There are lots of ways to ensure the success of an advanced hacking operation. For a gang called Suckfly, one of the keys is having plenty of stolen code-signing certificates on hand to give its custom malware the appearance of legitimacy.

Since 2014, the group has used no fewer than nine separate signing certificates from nine separate companies to digitally sign its hacking wares, according to a blog post published Tuesday by security firm Symantec.

Probably the only thing worse than "no security" is the illusion of security.

Labels: app security, codesigning

By : Tighten To bypass code-signing checks, malware gang steals lots of certificates | Ars Technica

0 Comments:

Post a Comment