Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch break down a busy news week, including Microsoft's revelations about the theft of its signing key, the Trickbot group sanctions, and some new Apple iOS zero days.
Microsoft answered lingering questions about how China-based threat actors acquired a Microsoft account consumer signing key, leading to the previously disclosed hack of several Outlook accounts.
Researchers recently examined more than 400 malware families and found that 25 percent of them abused legitimate internet services as part of their attack infrastructure.
Microsoft fixed one actively exploited vulnerability in its August patch Tuesday releases, along with 72 other bugs.
Microsoft was criticized after it took five months to fully patch an issue in its Power platform.