September 25, 2021 at 02:20PM

■■■■■ Financially motivated actor breaks certificate parsing to avoid detection.

Mr. Neel Mehta found an attacker using certificates that OpenSSL won’t parse but Windows will accept.

https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/amp/

https://t.me/cKure/9510