TamperedChef Malware: Why That Signed Productivity App Could Be Dangerous You’ve probably heard that you should only download software that is digitally signed. A signature from a trusted certificate authority is supposed to guarantee the file hasn’t been tampered with and comes from a legitimate developer. But a new malware campaign called TamperedChef shows that even signed apps can be dangerous. ...
Chrome Extensions Turned Attack Vectors: What to Do Right Now Even useful browser extensions can become a hidden threat. Recent reports from Security Boulevard and other security outlets describe a campaign in which seemingly legitimate productivity extensions for Chrome were used as backdoors to infiltrate enterprise systems. The attack relied on a supply-chain compromise—attackers injected malicious code into extensions that appeared normal, then distributed them through official channels. If you use Chrome at work or even at home, understanding how this happened and what you can do about it is worth a few minutes of your time. ...