"While Microsoft said when it disclosed the incident in July that only Exchange Online and Outlook were impacted, Wiz security researcher Shir Tamari later said that the compromised Microsoft consumer signing key provided Storm-0558 widespread access to Microsoft cloud services.
As Tamari said, the key could be used to impersonate any account within any impacted customer or cloud-based Microsoft application."
https://www.bleepingcomputer.com/news/microsoft/hackers-stole-microsoft-signing-key-from-windows-crash-dump/
Dervishe the Grey /
npub17s…hjfyp
2023-09-06 19:46:16
Author Public Key
npub17s4hl92zcj4a047vsawxxypt37w6tm60w3smevld925pfw4y0zksthjfypSeen on
wss://relay.nostr.bandPublished at
2023-09-06 19:46:16Event JSON
{
"id": "7ba64f57aad88dea5b3d672d5fc9221849bd4db69b175a471f99833fc091c31a",
"pubkey": "f42b7f9542c4abd7d7cc875c63102b8f9da5ef4f7461bcb3ed2aa814baa478ad",
"created_at": 1694029576,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.sdf.org/users/dervishe/statuses/111019922323878555",
"activitypub"
]
],
"content": "\"While Microsoft said when it disclosed the incident in July that only Exchange Online and Outlook were impacted, Wiz security researcher Shir Tamari later said that the compromised Microsoft consumer signing key provided Storm-0558 widespread access to Microsoft cloud services.\n\nAs Tamari said, the key could be used to impersonate any account within any impacted customer or cloud-based Microsoft application.\"\n\nhttps://www.bleepingcomputer.com/news/microsoft/hackers-stole-microsoft-signing-key-from-windows-crash-dump/",
"sig": "a94bc9a95076041da68cf249293396ace30c706e067f2abb5759995f5febff265d9dc45c7c99d7d6e14928541e28f38a140924b4eb78741bf27830ee02a6886f"
}