■■■■■ Financially motivated actor breaks certificate parsing to avoid detection.
Mr. Neel Mehta found an attacker using certificates that OpenSSL won’t parse but Windows will accept.
https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/amp/
https://t.me/cKure/9510