Security News > 2018 > June > Fooling security tools into believing malicious code was signed by Apple
2018-06-12 19:03
The way developers of third-party security tools use the Apple code signing API could be exploited by attackers to make malicious code linger undetected on Macs, a security researcher has discovered. “Security, incident response, and forensics processes and personnel use code signing to weed out trusted code from untrusted code. To undermine a code signing implementation for a major OS would break a core security construct that many depend on for day to day security … More → The post Fooling security tools into believing malicious code was signed by Apple appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/_ycRYwmU4Kc/
Related news
- SOC teams are frustrated with their security tools (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Best AI Security Tools: Top Solutions, Features & Comparisons (source)