Welcome to our

Cyber Security News Aggregator

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

First slide label

Some representative placeholder content for the first slide.

Second slide label

Some representative placeholder content for the second slide.

Third slide label

Some representative placeholder content for the third slide.

Extracting Certificates For Defender

published on 2022-12-05 00:00:00 UTC by Didier Stevens
Content:

A colleague asked me for help with extracting code signing certificates from malicious files, to add them to Defender’s block list.

The procedure involves right-clicking the EXE in Windows Explorer, selecting properties to view the digital signature, and so on …

But I don’t like procedures where one has to click on malware.

So I looked for a PowerShell command, and found this.

Get-AuthenticodeSignature .\malware.exe.vir | Select-Object -ExpandProperty SignerCertificate | Export-Certificate -Type CERT -FilePath SignerCertificate.cer

Article: Extracting Certificates For Defender - published over 1 year ago.

http://blog.didierstevens.com/2022/12/05/extracting-certificates-for-defender/
Published: 2022 12 05 00:00:00
Received: 2022 12 16 12:19:50
Feed: Didier Stevens
Source: Didier Stevens
Category: Cyber Security
Topic: Cyber Security
Views: 0