Microsoft says Russian hackers again trying to breach its systems

Microsoft has said that Russian foreign intelligence-linked hackers again tried to break into its systems, using data stolen from corporate emails in January to access the tech giant whose products are widely used across the national security establishment in the US. According to a Reuters report, some analysts are concerned about the safety of systems and services at Microsoft. The analysts are worried about national security risks arising from the alleged role of Nobelium, also known as Midnight Blizzard, a purported Russian state-sponsored group.


In January this year, Microsoft had disclosed details about the security breach, stating that hackers tried to break into corporate email accounts including those of senior company leaders and cybersecurity, legal and other functions.


“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorised access,” Microsoft’s blog post stated.

Jerome Segura, principal threat researcher at cybersecurity firm Malwarebytes’ Threatdown Labs, told Reuters that it is not surprising that Microsoft is being targeted, adding that it was ‘unnerving’ that the attack was still underway despite Microsoft’s efforts to thwart access.

Which data was stolen by Russian hackers?


Microsoft said that the hackers stole access to source code repositories and internal systems. “This is the kind of thing that we’re really worried about. The attacker would want to use (Microsoft’s) secrets to get into production environments, and then compromise software and put backdoors and things like that,” Segura said.

According to Microsoft, the hackers had breached the staff emails through a dormant account using a ‘password spray’ attack, i.e., trying the same password on multiple accounts until they break into one.
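How the password-spray pattern described above looks from the defender's side in sign-in logs, as an added example that is not from Microsoft or the original report. The log format, the thresholds and the `detect_spray` function are assumptions made for illustration, and the events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events: (time, source IP, account, outcome).
# IPs are documentation ranges; account names are invented for the example.
EVENTS = [
    ("2024-01-10T02:00:05", "203.0.113.7", "alice", "fail"),
    ("2024-01-10T02:01:10", "203.0.113.7", "bob", "fail"),
    ("2024-01-10T02:02:20", "203.0.113.7", "carol", "fail"),
    ("2024-01-10T02:03:30", "203.0.113.7", "dave", "fail"),
    ("2024-01-10T02:04:40", "203.0.113.7", "erin", "fail"),
    ("2024-01-10T02:05:50", "203.0.113.7", "dormant-svc", "success"),
    # One account hammered many times: brute force, not a spray.
    *[("2024-01-10T03:00:%02d" % s, "198.51.100.9", "bob", "fail") for s in range(8)],
    # Ordinary typo followed by a good login.
    ("2024-01-10T09:00:00", "192.0.2.10", "alice", "fail"),
    ("2024-01-10T09:00:20", "192.0.2.10", "alice", "success"),
]

def detect_spray(events, window=timedelta(minutes=30), min_accounts=5, max_tries=2):
    """Flag sources that fail against many accounts, few tries each, inside `window`.

    Returns {source: {"sprayed": [...], "succeeded": [...]}}; "succeeded" lists
    accounts the same source logged in to from the start of the flagged window on.
    """
    by_src = defaultdict(list)
    for ts, src, account, outcome in events:
        by_src[src].append((datetime.fromisoformat(ts), account, outcome))
    findings = {}
    for src, rows in by_src.items():
        rows.sort()
        start = 0
        for end, (now, _, _) in enumerate(rows):
            while now - rows[start][0] > window:  # slide the window forward
                start += 1
            fails = Counter(a for _, a, o in rows[start:end + 1] if o == "fail")
            if len(fails) >= min_accounts and max(fails.values()) <= max_tries:
                hit = findings.setdefault(src, {"since": rows[start][0], "sprayed": set()})
                hit["sprayed"] |= set(fails)
        if src in findings:
            since = findings[src].pop("since")
            findings[src]["succeeded"] = sorted(
                {a for t, a, o in rows if o == "success" and t >= since})
            findings[src]["sprayed"] = sorted(findings[src]["sprayed"])
    return findings

if __name__ == "__main__":
    for src, hit in detect_spray(EVENTS).items():
        print(src, "sprayed", hit["sprayed"], "then logged in as", hit["succeeded"])
```

Because each account sees only one or two failures, per-account lockout counters stay quiet; the signal is the count of distinct accounts per source, and any success from that source is the account to investigate first.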

“This seems like it’s something very targeted, and if (the hackers) are that deep inside Microsoft, and Microsoft hasn’t been able to get them out in two months, then there’s a huge concern,” Adam Meyers, a senior vice president at the cybersecurity firm Crowdstrike, told the agency.

What is Midnight Blizzard?


Midnight Blizzard, or Nobelium, targets governments, diplomatic entities and non-governmental organisations. In January, Microsoft had said that the hacker group targeted it because the technology giant carried out robust research unravelling Midnight Blizzard’s operations.

Microsoft’s threat intelligence team has been investigating and sharing research on Nobelium since at least 2021, when the group was found to be behind the SolarWinds cyberattack that compromised a raft of U.S. government agencies.

The persistent attempts to breach Microsoft are a sign of “sustained, significant commitment of the threat actor’s resources, coordination, and focus,” the company said on Friday.
