Digital Signature
Post-Quantum Cryptography: The Future of Secure Communications and the Role of Standards
Digital security has long relied on cryptographic systems that use complex mathematical problems (also known as algorithms) to keep sensitive data and transactions safe from unauthorized access. These algorithms were designed to ...
Dropbox Sign Breach: Threat Actors Access User Information
In a recent disclosure, cloud storage giant Dropbox revealed a breach affecting its digital signature service, Dropbox Sign (formerly HelloSign). The Dropbox Sign breach, identified on April 24, 2024, compromised user data, ...
Beware of Expired or Compromised Code Signing Certificates
Given the alarming rise in software supply chain attacks and consumers growing more cyber-aware and security-conscious, software providers need to demonstrate a stronger commitment to securing their software and applications and fostering ...
‘Crypto Bug of the Year’ Fixed — Update Java NOW
A ridiculously dumb flaw in Java’s signature checking code is patched. This isn’t some crufty legacy Sun code, but actual garbage Oracle sloppiness that’s causing IT people to chase their tails yet again ...
Cyberespionage Group Steals Certificates to Sign Malware
A cyberespionage group has stolen code-signing certificates from D-Link and another Taiwanese technology company and used them to sign a backdoor program. BlackTech is a group of attackers known for targeting organizations ...
Large Percentage of Malware Downloads Are Signed with Valid Certificates
The misuse of code signing certificates is so widespread that a larger percentage of malware downloaded to computers is digitally signed than that of benign software programs. Antivirus company Trend Micro studied ...
