Dark Reading

New Attack Campaign Exploits Microsoft Signature Verification

Security researchers are observing a new campaign in which attackers abuse the Microsoft e-signature verification to deploy Zloader, a banking malware designed to steal user credentials and private ...
ZDNet

Malsmoke hackers abuse Microsoft signature verification in ZLoader cyberattacks

The Malsmoke hacking group is now abusing a vulnerability in Microsoft's e-signature verification tool to deploy malware and steal user data. On Wednesday, Check Point Research (CPR) said that as of ...
Wired

Hackers Are Exploiting a Flaw Microsoft Fixed 9 Years Ago

The widely used malware ZLoader crops up in all sorts of criminal hacking, from efforts that aim to steal banking passwords and other sensitive data to ransomware attacks. Now, a ZLoader campaign that ...
Bleeping Computer

Nuclei flaw lets malicious templates bypass signature verification

A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute ...