zlacker

[parent] [thread] 3 comments
1. hulitu+(OP)[view] [source] 2022-03-05 17:18:15
Because some corporate environments only allow you to run signed executables. "Defense in depth" :)
replies(1): >>ec1096+QJ
2. ec1096+QJ[view] [source] 2022-03-05 21:55:46
>>hulitu+(OP)
So it’s effective in those environments?
replies(1): >>hulitu+sR1
◧◩
3. hulitu+sR1[view] [source] [discussion] 2022-03-06 10:57:06
>>ec1096+QJ
> So it’s effective in those environments?

No. Those environments will happyly install the malware code because it is signed by Microsoft.

replies(1): >>ec1096+BZ2
◧◩◪
4. ec1096+BZ2[view] [source] [discussion] 2022-03-06 20:31:50
>>hulitu+sR1
The original post I was responding to was saying it was already game over regardless of whether hacker had the ability to sign their binary.

Clearly that isn’t true.

[go to top]