Security News > 2018 > June > Fooling security tools into believing malicious code was signed by Apple

The way developers of third-party security tools use the Apple code signing API could be exploited by attackers to make malicious code linger undetected on Macs, a security researcher has discovered. “Security, incident response, and forensics processes and personnel use code signing to weed out trusted code from untrusted code. To undermine a code signing implementation for a major OS would break a core security construct that many depend on for day to day security … More → The post Fooling security tools into believing malicious code was signed by Apple appeared first on Help Net Security.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/_ycRYwmU4Kc/