Yet another day, yet another Microsoft technology hack. You might think this is just another routine occurrence, but this time it’s different. The targets were not Microsoft customers, but the top echelons of Microsoft itself. The hacker group, known as Midnight Blizzard, Cozy Bear, the Dukes, or A.P.T. 29, is sponsored by Russia’s Foreign Intelligence Service. This time, the hack might persuade the federal government to finally take a harder line against Microsoft’s and Windows’ continuing vulnerabilities.
Midnight Blizzard is known for its sophisticated cyberattack capabilities, including the SolarWinds supply-chain attack. This time around, they used a basic hacking trick called “password spraying” to infiltrate Microsoft. They broke into an old test account and then used the account’s permissions to get into “Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions,” and steal emails and documents attached to them.
Microsoft claims the hackers initially targeted information about Midnight Blizzard itself, and that “to date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems.” The company also noted, “The attack was not the result of a vulnerability in Microsoft products or services.”
2024-01-30 16:41:03
Article from www.computerworld.com