Action Steps:

Monitor all outbound PKI cert traffic to DoD/DISA and watch for volume spikes, especially on non-admin systems.

Dump & hash all current root/intermediate certs.

Verify your “trusted roots” against air-gapped, known-good images.

Don’t trust “automated recovery” if you notice PKI/OCSP anomalies.
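
One way to do the dump, hash and verify steps above, as an added example that is not part of the original post: it hashes each certificate's DER bytes in a PEM bundle and diffs the result against a known-good fingerprint set. The function names and the sample bundles are assumptions made for illustration; the sample "certificates" are constructed placeholder bytes, and in practice the baseline set comes from the air-gapped image.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def fingerprints(pem_bundle):
    """Return the SHA-256 hex digest of each certificate's DER bytes.

    Hashing the decoded DER, not the PEM text, keeps the result stable
    across line-wrap and whitespace differences between exports.
    """
    fps = set()
    for body in PEM_RE.findall(pem_bundle):
        der = base64.b64decode("".join(body.split()), validate=True)
        fps.add(hashlib.sha256(der).hexdigest())
    return fps


def compare_to_baseline(live_bundle, baseline_fps):
    """Diff the live trust store against a known-good fingerprint set."""
    live = fingerprints(live_bundle)
    return {
        "unexpected": sorted(live - baseline_fps),  # present, not in baseline
        "missing": sorted(baseline_fps - live),     # in baseline, now absent
    }


def to_pem(der, width=64):
    """Wrap bytes as a PEM block (helper for the constructed samples)."""
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + width] for i in range(0, len(b64), width)]
    return "\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                      "-----END CERTIFICATE-----", ""])


# Constructed sample data: placeholder bytes stand in for real DER certs.
ROOT_A = b"constructed-root-A" * 8
INTERMEDIATE_B = b"constructed-intermediate-B" * 8
EXTRA_C = b"constructed-unexpected-root-C" * 8
# Baseline fingerprints, assumed to be taken from the known-good image.
BASELINE = fingerprints(to_pem(ROOT_A) + to_pem(INTERMEDIATE_B))
# Live store: root re-wrapped at 76 columns, intermediate gone, one extra.
LIVE = to_pem(ROOT_A, width=76) + to_pem(EXTRA_C)

if __name__ == "__main__":
    for kind, fps in compare_to_baseline(LIVE, BASELINE).items():
        for fp in fps:
            print(kind, fp)
```

Any "unexpected" or "missing" entry is a change to the trust store that should be explained before the store is relied on again.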

We are witnessing the weaponization of certificate trust infrastructure against military/civilian defense.

#infosec #DoD #PKI #cybersecurity #zerotrust #supplychain #nationalsecurity