https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/

  • blobjim [he/him] · 1 year ago

    Pretend to be someone they aren't

    An actor that can acquire a private signing key can then create falsified tokens with valid signatures that will be accepted by relying parties. This is called token forgery.

      • blobjim [he/him] · 1 year ago

        The article just says they signed authentication tokens which gave them access to Outlook emails. I don't think it was code signing that would let them distribute software, and that's not what they were after.