Tag
medium
advisory
Code Signing Policy Modification Through Built-in Tools
2 rules, 1 TTP
Attackers may attempt to disable or modify code signing policies on Windows systems by using built-in tools like bcdedit.exe in order to execute unsigned or self-signed malicious code.
M365 Defender +1
defense-evasion
code-signing
windows
high
advisory
osslsigncode Stack Buffer Overflow Vulnerability (CVE-2026-39853)
2 rules, 1 TTP, 1 CVE
A stack buffer overflow vulnerability (CVE-2026-39853) exists in osslsigncode versions prior to 2.12 due to insufficient validation of digest length during PKCS#7 signature verification, potentially leading to arbitrary code execution.
osslsigncode
buffer-overflow
authenticode
code-signing
CVE-2026-39853
medium
advisory
Code Signing Policy Modification Through Registry
2 rules, 2 TTPs
Attackers may modify the Windows registry to disable code signing policy, allowing the execution of unsigned or self-signed malicious code, thereby bypassing security controls and enabling defense evasion.
Elastic Defend +2
defense-evasion
registry-modification
code-signing