Leaked Nvidia Code-Signing Certificate Now Being Used by Malware | #microsoft | #hacking | #cybersecurity

Trouble is brewing in the fallout from the Nvidia hack attack, which we first reported on in late February. Two code-signing certificates were among the purported 1TB of data obtained, which compromised hardware schematics, firmware, drivers, employee information, and more. The significance of the certificates getting into any hackers’ grubby hands is that threat actors can repurpose them to sign their (mal)wares, reports Bleeping Computer.

(Image credit: Bill Demirkapi)

Just ahead of the weekend, computer security specialist Bill Demirkapi highlighted the two leaked Nvidia Corporation certificates, as issued by VeriSign. You can see from the screenshots above that one of them expired in 2014 and the other in 2018. Despite the certificates so clearly being expired, Demirkapi says that ” Windows still allows them to be used for driver signing purposes.”

Original Source link

Leave a Reply

Your email address will not be published.

− 1 = four