Microsoft disrupts cybercrime service offering malware disguised as legitimate software

Microsoft seized infrastructure and legal action against "Fox Tempest," a malware-signing-as-a-service that abused Microsoft code-signing tools to provide valid-looking signatures for malicious software. The service, active since May of last year and used by ransomware and other criminal actors (Microsoft also named "Vanilla Tempest" as a co-conspirator), enabled attacks across healthcare, education, government, and financial sectors in multiple countries before Microsoft disrupted the operation.