Bleeping Computer

Hackers turn ScreenConnect into malware using Authenticode stuffing

Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client's Authenticode signature. ConnectWise ...
ZDNet

Malsmoke hackers abuse Microsoft signature verification in ZLoader cyberattacks

The Malsmoke hacking group is now abusing a vulnerability in Microsoft's e-signature verification tool to deploy malware and steal user data. On Wednesday, Check Point Research (CPR) said that as of ...
Wired

Hackers Are Exploiting a Flaw Microsoft Fixed 9 Years Ago

The widely used malware ZLoader crops up in all sorts of criminal hacking, from efforts that aim to steal banking passwords and other sensitive data to ransomware attacks. Now, a ZLoader campaign that ...
TechRepublic

MalSmoke attack: Zloader malware exploits Microsoft’s signature verification to steal sensitive data

MalSmoke attack: Zloader malware exploits Microsoft’s signature verification to steal sensitive data Your email has been sent Already impacting more than 2,000 victims, the malware is able to modify a ...
Threat Post

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification

The info-stealing campaign using ZLoader malware – previously used to deliver Ryuk and Conti ransomware – already has claimed more than 2,000 victims across 111 countries. Threat actors are exploiting ...