On Thursday, Microsoft revealed that it took action against more than 200 certificates implicated in cybercriminal activities by a threat actor known as Vanilla Tempest. These fraudulent certificates were utilized specifically to sign malicious binaries that aided in ransomware operations. The certificates played a central role in delivering the Oyster backdoor, which subsequently led to the deployment of Rhysida ransomware in targeted attacks.
The Microsoft Threat Intelligence team elaborated on the seriousness of this threat in a post shared on X, emphasizing the potential dangers posed by such cybersecurity vulnerabilities. By revoking these certificates, Microsoft aims to mitigate the risks associated with these malicious operations and protect users from being targeted by ransomware. This proactive measure reflects a broader commitment to enhancing cybersecurity defenses and responding to evolving threats in the digital landscape.
👉 Pročitaj original: The Hacker News
