Microsoft’s ‘Senior Leadership’ Emails Were Compromised By Russian Hacker Group | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Microsoft revealed the discovery of a nation-state attack on its corporate systems Friday. The company says the attacked occurred on January 12, 2024 and was orchestrated by Midnight Blizzard also known as Nobelium, the same Russian state-sponsored group of hackers that were involved in the SolarWinds attack in 2019.

Microsoft says that the company’s detection of the attack immediately activated its response process to “investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access.” 

According to Microsoft the threat actor used a password spray attack to compromise a legacy non-production test tenant account after which they were able to access “a very small percentage of Microsoft corporate email accounts.” Those accounts included members of the company’s senior leadership team as well as employees in the company’s “cybersecurity, legal, and other functions.” The company’s investigation of the attack suggests that they were looking for information specifically related to Midnight Blizzard.

Microsoft says that at the attack wasn’t the result on any vulnerability in its systems, and that there was never any threat to customers.

Microsoft says that it’s contouring its investigation and “will take additional actions based on the outcomes of this investigation and will continue working with law enforcement and appropriate regulators.”

The company also says that its “deeply committed to sharing more information and our learnings, so that the community can benefit from both our experience and observations about the threat actor. We will provide additional details as appropriate.”


Click Here For The Original Story From This Source.

National Cyber Security