CSOonline

Alert to Kali Linux admins: Get the new signing key or no distro updates for you

Organization admits it ‘lost’ access to its signing key; an expert says this shows the need for object management by CISOs. Kali Linux administrators who haven’t manually updated the signing key for ...
Linux Journal

Signing Git Commits

Protect your code commits from malicious changes by GPG-signing them. Often when people talk about GPG, they focus on encryption—GPG's ability to protect a file or message so that only someone who has ...
Dark Reading

How to Use SSH Keys and 1Password to Sign Git Commits

1Password is making it easier for GitHub users to set up signed commits using SSH keys. Signed commits verify that the person making the code change is who they say they are. When code is checked into ...
Bleeping Computer

Microsoft still unsure how hackers stole Azure AD signing key

Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen ...
The Hill

Chinese hackers stole signing key used to breach US officials’ emails from Microsoft engineer, company says

Chinese hackers obtained a consumer signing key that was used to breach U.S. officials’ emails earlier this year through a Microsoft engineer’s account, the company said Wednesday. An investigation ...