TIL there’s a ‘strict’ mode for Microsoft’s Authenticode signature verification. It’s off by default and is actively being exploited. Turning it on has the side effect of rendering some executables as untrusted. Fun choice.
A new Zloader #banking trojan campaign is now exploiting the #Microsoft Signature Verification system to evade detection and steal cookies, passwords and other sensitive data. Read details - thehackernews.com/2022/01/ne… It already has over 2,000 victims in 111 countries.

Jan 5, 2022 · 11:47 AM UTC
