After leaving many questions unanswered, a new post mortem from Microsoft explains the series of slip-ups that allowed attackers to steal and abuse a valuable cryptographic key.
It essentially sat unnoticed for a long time too. I can’t imagine anyone of expertise considered Azure to be the best option for security, but holy hell this is embarrassing.
It essentially sat unnoticed for a long time too. I can’t imagine anyone of expertise considered Azure to be the best option for security, but holy hell this is embarrassing.