Malware peddlers don't always have to steal or buy (from sellers on underground forums) legitimate and valid code-signing certificates to sign their malware with - sometimes the certificates can be found just "laying around" in open source software and code repositories.
Just a ten minutes long browsing session of the leaked Ashley Madison source code revealed to infosec consultant Gabor Szathmari a number of security mistakes that have likely helped the attackers move within the company's networks.
The fact that CEOs have tendered their resignations in the aftermath of public breaches is a clear indication that the executive level is being held more accountable for the cyber security practices of their organizations.
In the wake of the Ashley Madison hack and consequent data leaks, blackmailers and scammers are doing their best to extract as much money and information as it's possible from the panicking users of the popular cheating site.
As you might have heard by now, some 10 gigabytes of data allegedly stolen in last month's Ashley Madison hack have been leaked by the attackers on the Dark Web and on Torrent file-sharing services.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.