Summary
DigiCert revoked 60 EV Code Signing certificates after a threat actor compromised support analyst endpoints via a malicious chat attachment to harvest certificate initialization codes. The breach exploited a lack of data masking in the support portal and a malfunctioning EDR sensor, allowing the attacker to sign malware before detection.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)