Certificates serve as the primary credentials used to identify systems and applications inside and outside organizations. Because of this, certificates and the public key infrastructure (PKI) that supports them are attractive targets for attackers, especially if they can exploit poor management and security practices. In the video below, we look at several possible paths an attacker can follow in a kill chain, starting by exploiting bad management practices to using a stolen private key or rogue certificate in an attack to achieving their ultimate objective.
In later blogs, we’ll elaborate on some of the bad management practices that provide attackers the openings their need to exploit these trusted credentials and best practices for closing these potential threat vectors. Read my next blog to learn more about how attackers get access to rogue certificates.