Skip to content
The Nexus
DossierENTITY

Steven Masada

Coverage of Steven Masada in the Nexus archive.

Earliest in view: May 19 · 15:00 UTCMost recent: May 19 · 21:56 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 19 · 21:56 UTCTHE REGISTER
    Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware

    Microsoft shut down an illegal code-signing operation used by ransomware criminals to mask their malware, seizing websites and taking down hundreds of virtual machines running the service. The operation, called Fox Tempest, abused Microsoft's Artifact Signing code-signing service, selling code-signing certificates to other criminals for thousands of dollars. This allowed ransomware groups to make their malware appear legitimate to Windows and users.

  • SECURITYMay 19 · 15:00 UTCCYBERSCOOP
    Microsoft disrupts cybercrime service that abused software verification systems en masse

    Microsoft disrupted a cybercrime service called Fox Tempest that created and sold code-signing certificates to make malware appear legitimate. The service was used by multiple ransomware groups and had a global impact. Microsoft seized infrastructure and dismantled the operation after tracking it since September 2025.

Steven Masada · Dossier · The Nexus