Malware now using NVIDIA's stolen code signing certificates
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. [...]
Stay updated on certificate-related infosec topics, including SSL/TLS, PKI, and digital certificate management for robust cyber security.
Search across headline titles and summaries.
Background for this topic.
Digital certificates are electronic documents that verify the ownership of a public cryptographic key by an individual, organization, or device. Issued by trusted Certificate Authorities (CAs) within a Public Key Infrastructure (PKI), certificates enable secure communication by confirming identities and supporting encryption protocols like TLS. They include information such as the subject’s name, public key, issuer, validity period, and digital signature from the CA.
Security concerns with certificates focus on risks like CA compromise or fraudulent issuance, which can allow attackers to impersonate legitimate entities and intercept or alter encrypted traffic. Expired or revoked certificates may cause connection failures or be exploited if clients do not properly validate them. Effective certificate lifecycle management—including timely renewal, revocation checking (via CRLs or OCSP), and monitoring for unauthorized certificates—is essential to maintaining trust and preventing man-in-the-middle attacks or unauthorized access.
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. [...]
70k staff email addresses and NTLM password hashes also dumped online An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems.…
A group of 38 cybersecurity professors and IT experts worldwide, together with the Electronic Frontier Foundation (EFF), have cosigned a letter to EU regulators that warns of a proposal that could expose internet users to cybercrime. [...]