{"id":17934,"date":"2025-10-17T06:03:00","date_gmt":"2025-10-17T06:03:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/"},"modified":"2025-10-17T06:03:00","modified_gmt":"2025-10-17T06:03:00","slug":"microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks.<br \/>\nThe certificates were &#8220;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&#8221; the Microsoft Threat Intelligence team said in a post shared on X.<br \/>\nThe tech<a href=\"https:\/\/thehackernews.com\/2025\/10\/microsoft-revokes-200-fraudulent.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were &#8220;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&#8221; the Microsoft Threat Intelligence team said in [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17935,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17934","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were &quot;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&quot; the Microsoft Threat Intelligence team said in\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were &quot;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&quot; the Microsoft Threat Intelligence team said in\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-10-17T06:03:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-10-17T06:03:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were &quot;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&quot; the Microsoft Threat Intelligence team said in\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/ransomware-certificate-juLVeX.jpg\",\"width\":900,\"height\":470},\"datePublished\":\"2025-10-17T06:03:00+00:00\",\"dateModified\":\"2025-10-17T06:03:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were \\\"used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,\\\" the Microsoft Threat Intelligence team said in\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/ransomware-certificate-juLVeX.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":900,\"height\":470},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/17\\\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-10-17T06:03:00+00:00\",\"dateModified\":\"2025-10-17T06:03:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were \"used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,\" the Microsoft Threat Intelligence team said in","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#blogposting","name":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/10\/ransomware-certificate-juLVeX.jpg","width":900,"height":470},"datePublished":"2025-10-17T06:03:00+00:00","dateModified":"2025-10-17T06:03:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#listItem","name":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/","name":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were \"used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,\" the Microsoft Threat Intelligence team said in","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/10\/ransomware-certificate-juLVeX.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#mainImage","width":900,"height":470},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-10-17T06:03:00+00:00","dateModified":"2025-10-17T06:03:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were &quot;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&quot; the Microsoft Threat Intelligence team said in","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-10-17T06:03:00+00:00","article:modified_time":"2025-10-17T06:03:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were &quot;used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,&quot; the Microsoft Threat Intelligence team said in"},"aioseo_meta_data":{"post_id":"17934","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-10-17 08:10:21","updated":"2025-10-17 08:10:21","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMicrosoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/17\/microsoft-revokes-200-fraudulent-certificates-used-in-rhysida-ransomware-campaign-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17934","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17934"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17934\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17935"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}