The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere where it shouldn’t have been – Microsoft’s corporate environment. The theft of a Microsoft signing key In short: The key was included in the crash dump of a consumer signing system located in Microsoft’s “highly isolated and … More
The post How Chinese hackers got their hands on Microsoft’s token signing key appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: