this post was submitted on 24 Jul 2023
14 points (93.8% liked)

cybersecurity

3249 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] br3ad@infosec.pub 1 points 1 year ago (3 children)

Fantastic writeup. I wonder, how does a threat actor get access to a signing key like this? There was no mention of how the key got leaked in the first place.

[โ€“] helpmeplease@infosec.pub 2 points 1 year ago

Below is a more detailed report about the IOCs, but indeed, they don't seem to want to say anything about the original source of the key leak.

https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/

load more comments (2 replies)