Microsoft digital certificates have once again been abused to sign malware

Source

Enlarge (credit: Getty Images) Microsoft has once again been caught allowing its legitimate digital certificates to sign malware in the wild, a lapse that allows the malicious files to pass strict security checks designed to prevent them from running on the Windows operating system. Multiple threat actors were involved in the misuse of Microsoft’s digital imprimatur, which they used to give Windows and endpoint security applications the impression malicious system drivers had been certified as safe by Microsoft. That has led to speculation that there may be one or more malicious organizations selling malicious driver-signing as a service. In all, [...]