Installers from @AdobeSecurity try to cheat Authenticode, which can result in additional blocks and security warnings: https://t.co/YaiJ0aFWJ7

Hash-based driver blocklists are insecure, because of how Authenticode signatures are computed. Nothing new, but not as well known as it should be.

Hackers turn ScreenConnect into malware using Authenticode stuffing

Silver Fox APT Group altered a single byte in the unauthenticated timestamp field of the WatchDog Antimalware driver’s Microsoft Authenticode signature to bypassing hash-based blocklists. https://t.co/c8ztztIAIg

Authenticode shenanigans

Malware Analysis - 3CX SmoothOperator Authenticode Abuse #Hacking #PenTest https://t.co/h3wGLsHZyI

To the person trying to give donations, but installs #signed #SolarMarker #infostealer: I'm sorry https://t.co/SXawGpFhst hasn't revoked the Authenticode cert I reported to them weeks ago. C2: 185.73.202.88 @JAMESWT_MHT VT: https://t.co/D2JaK9bzrN MB: https://t.co/OObU7T5kPp

@smolar_m The problem was that for these two affected binaries – shdloader.efi (CVE-2022-34302) and esdiags.efi (CVE-2022-34301) – flat SHA256 file hashes were added to the DBX update instead of their PE authenticode hashes. https://t.co/395MLtT5L6 2/5

Next #pestudio to show the "program-name" hidden in the internal structure of the Authenticode signature #Malware #dfir #infosec https://t.co/1mTjTiZLFZ

On Authenticode Signing and EV Certificates

4096bits of shiny new security goodness. 3 year Authenticode certificate on a cute little HSM.

Algumas pessoas me relataram esta mensagem do windows em AIDA POCKET: Ela pode aparecer porque o software não tem um authenticode, isso é um certificado digital emitido por uma entidade certificadora reconhecida pelo windows. Pq não temos? porque custa 200-300 dolares por ano

📣.NET Foundation adopting new signing tool: Code Signing CLI tool supporting Authenticode, NuGet, VSIX, and ClickOnce 🤔Learn more https://t.co/VCJ8wF5q7j #dotnet

TIL: Microsoft Authenticode signs the JavaScript files inside the Purview Chrome extension.

ICYMI 📣.NET Foundation adopting new signing tool: Code Signing CLI tool supporting Authenticode, NuGet, VSIX, and ClickOnce 🤔Learn more https://t.co/yftL1pRVJm #dotnet

SolarMarker malware continues to threaten sectors like education, healthcare, & SMEs. With a multi-tiered infrastructure active since 2021, it uses advanced techniques like Authenticode certificates & large zip files to evade detection. Read more: https://t.co/cW2tVk4soh

Just released WDACConfig 0.3.3 ✅Create/Augment a policy by selecting Code Integrity logs using GUI ✅Calculate Authenticode and 1st page hashes of files ✅Improved CI log parsing for Xtreme visibility ✅WDAC Simulation improvements #CyberSecurity #Windows https://t.co/8rGnvxhgeN

> Authenticode in 2025 – Azure Trusted Signing https://t.co/si7MDdzLq0

LIEF Rust bindings updates: documentation, PE authenticode, ... https://t.co/ZpzFpoBlhq