cybersecurity

3156 readers

4 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

[email protected]

Compromised Microsoft Key: More Impactful Than We Thought | Wiz Blog (www.wiz.io)

submitted 1 year ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 1 year ago (3 children)

Fantastic writeup. I wonder, how does a threat actor get access to a signing key like this? There was no mention of how the key got leaked in the first place.

[–] [email protected] 2 points 1 year ago

Below is a more detailed report about the IOCs, but indeed, they don't seem to want to say anything about the original source of the key leak.

https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/

[–] [email protected] 2 points 1 year ago

Yes, that part is still undisclosed by Microsoft. It is mentioned in the article as well:

We will continue to closely monitor this incident and provide updates; this is still an ongoing investigation and there are many unanswered questions (how did the threat actor acquire the key? When exactly did it happen? Were other keys compromised as well?).