Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha

Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in ...
Windows Report

Windows “Cerdigent” Threat Warnings Spread, But Many May Be False Positives

Microsoft Defender “Cerdigent” alerts may stem from DigiCert certificate abuse, not active malware infections.
CSOonline

Windows code-signing attacks explained (and how to defend against them)

Code signing is a mechanism by which software manufacturers assure their consumers that they are running legitimate software, signed by its manufacturer via cryptography. This ensures that the ...
Neowin

Windows 8 support for EV code signing certificates revealed

Microsoft has announced that it now supports Extended Validation (EV) code signing certificates for desktop programs for the SmartScreen feature in Windows 8, IE 9 and IE 10. Downloading programs via ...
Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
Threat Post

NVIDIA’s Stolen Code-Signing Certs Used to Sign Malware

NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines. Two of NVIDIA’s code-signing certificates ...
Computerworld

What’s past is prologue: When code-signing in Windows 11 goes bad

Eighteen years ago, a code-signing issue with Small Business Server 2003 caused problems for early installations. Last week, a similar problem cropped up in Windows 11. Once upon a time in technology, ...