Microsoft’s ‘cascade of security failures’ allowed hackers to access US government employee emails | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

What you need to know

  • A report by the U.S. Cyber Safety Review Board states that Microsoft could have prevented the Chinese state-sponsored hacking group Storm-0558 from accessing the email accounts of U.S. government employees.
  • The board was commissioned by President Biden and established by the U.S Department of Homeland Security in 2023.
  • The report explained that “Storm-0558 was able to succeed because of a cascade of security failures at Microsoft.”

The now-famous attacks of a Chinese state-sponsored hacking group on U.S. government employees could have been prevented by Microsoft, according to a report by the U.S. Cyber Safety Review Board. That hacking group was able to gain access to the emails of 22 organizations and over 500 people, including employees of the U.S. government that work on national security.

The 34-page report is damning. It outlines several failings made by Microsoft employees, including multiple practices that could have been in place to prevent the security breach from occurring. The Board called for an overhaul of Microsoft’s security culture.

{n.callMethod? n.callMethod.apply(n,arguments):n.queue.push(arguments)}
fbq(‘init’, ‘1765793593738454’);
fbq(‘track’, ‘PageView’);


Click Here For The Original Story From This Source.


National Cyber Security