security: Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware using a stolen EV code-signing certificate impersonated workplace apps to install legitimate remote monitoring and management (RMM) tools for persistent enterprise access. The post advises tightening certificate controls and monitoring RMM tool usage to reduce risk.

• Source: Microsoft Security Blog