A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust services, specializing in TLS/SSL certificates, PKI management, and IoT security. According to DigiCert’s incident report, a threat actor contacted the support team via a customer chat channel and delivered a malicious ZIP file disguised as a customer screenshot, which contained … More →
The post DigiCert breached via malicious screensaver file appeared first on Help Net Security.
http://news.poseidon-us.com/TSMZKP
