Microsoft reveals how China-based threat group Storm-0558 compromised an engineer's corporate account that led to the theft of an Outlook signing key.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forging tokens to access Outlook. This enabled the adversary to access a crash dump of the consumer signing system that took place in April 2021 and steal the key. The crash dump was moved to a debugging environment on the internet-connected corporate network.

Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach