DigiCert Revokes Certificates After Support Portal Hack
Summary
DigiCert has revoked a number of its digital certificates after its support portal was compromised. Attackers reportedly used a customer chat channel to deliver malware, which infected an analyst's system and provided access to the internal support portal.
IFF Assessment
This incident represents a significant breach of trust and a potential avenue for further attacks by compromising a certificate authority's infrastructure.
Defender Context
This incident highlights the critical importance of securing internal support portals and communication channels, as they can become prime targets for attackers seeking to compromise trusted entities. Defenders should focus on robust endpoint protection, network segmentation, and strict access controls for all administrative and support systems.