Code signing certificates misused
On February 15, Australian antivirus manufacturer Emsisoft announced that a security incident had occurred in which a fake code-signing certificate was used to disguise a targeted attack against an organization. The attacker's goal was to trick the affected organization into allowing an application that the threat actor had installed and intended to use by making its detection appear as false positives. The attack failed, the antivirus software detected and blocked it. The method by which initial access was gained is still unclear, but most likely either a brute force attack on…