14

Compromised Microsoft Key: More Impactful Than We Thought | Wiz Blog(www.wiz.io)

posted
by
Avatar
thebeesknees@feddit.nl
in
Avatar
cybersecurity@infosec.pub
3 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
br3ad@infosec.pub
1 point

Fantastic writeup. I wonder, how does a threat actor get access to a signing key like this? There was no mention of how the key got leaked in the first place.

permalink
report
reply
Avatar
helpmeplease@infosec.pub
2 points

Below is a more detailed report about the IOCs, but indeed, they don’t seem to want to say anything about the original source of the key leak.

https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/

permalink
report
parent
reply
Avatar
thebeesknees@infosec.pub
2 points

Yes, that part is still undisclosed by Microsoft. It is mentioned in the article as well:

We will continue to closely monitor this incident and provide updates; this is still an ongoing investigation and there are many unanswered questions (how did the threat actor acquire the key? When exactly did it happen? Were other keys compromised as well?).

permalink
report
parent
reply
Avatar
helpmeplease@infosec.pub
1 point
Deleted by creator
permalink
report
parent
reply

cybersecurity

!cybersecurity@infosec.pub

Create post

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

  • Be kind
  • Limit promotional activities
  • Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

Community stats

  • 98

    Monthly active users

  • 402

    Posts

  • 1.3K

    Comments

Community moderators