APTs, RATs and Code-Signing Attacks

From securityboulevard.com

code-signing

Code-signing certificates have become a high-value target for cybercriminals. Here’s how to keep your certificates safe

There’s a lot of buzz right now about a report, recently released by BlackBerry that reveals how five related APT groups have conducted attacks on a global scale for nearly a decade—all without detection.

The report, titled “Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android,” digs into a series of backdoors, malicious toolsets and remote access trojans (RATs), but one tactic shared by all groups is the use of stolen code-signing certificates.

Read more…