Info@NationalCyberSecurity

Russian Hackers Target Microsoft Senior Leadership Emails


Microsoft has revealed that some of its corporate email accounts were breached, and the data was stolen by a Russian state-sponsored hacking group known as Midnight Blizzard. The company detected the attack on Jan. 12, 2024, according to a blog post.

Further investigation into the hacking determined that Microsoft’s systems were breached in November 2023 when Midnight Blizzard conducted what is believed to be a password spray attack to access a legacy non-production account.

In a password spray, an attacker collects a list of potential login names and tries one particular password against each of them. If that password fails, they repeat the process with other passwords until they run out or successfully breach an account.

The password worked on what Microsoft said was an old test account. The hackers then used the account’s privileges to access multiple email streams.
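The pattern described above (one source, many accounts, few attempts per account, then a success) can be detected in sign-in logs. The following is an added example, not code from Microsoft or the original article; the log format, account names, IP addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events (not data from the incident).
# Assumed format: ISO timestamp, source IP, account, result.
SAMPLE_LOG = """\
2023-11-20T02:00:05Z 203.0.113.7 alice FAIL
2023-11-20T02:00:40Z 203.0.113.7 bob FAIL
2023-11-20T02:01:15Z 203.0.113.7 carol FAIL
2023-11-20T02:01:50Z 203.0.113.7 dave FAIL
2023-11-20T02:02:25Z 203.0.113.7 test-legacy FAIL
2023-11-20T03:10:00Z 203.0.113.7 alice FAIL
2023-11-20T03:10:35Z 203.0.113.7 test-legacy OK
2023-11-20T04:00:00Z 198.51.100.9 alice FAIL
2023-11-20T04:00:02Z 198.51.100.9 alice FAIL
2023-11-20T04:00:04Z 198.51.100.9 alice FAIL
2023-11-20T09:00:00Z 192.0.2.10 carol FAIL
2023-11-20T09:00:20Z 192.0.2.10 carol OK
"""

def parse(log):
    """Turn log text into time-sorted (time, source, account, result) tuples."""
    events = []
    for line in log.strip().splitlines():
        ts, src, user, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), src, user, result))
    return sorted(events)

def detect_spray(events, window=timedelta(minutes=30), min_accounts=4, max_per_account=2):
    """Flag sources whose failures are wide (many accounts) and shallow (few tries each)."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[1]].append(ev)
    findings = {}
    for src, evs in by_src.items():
        fails = [e for e in evs if e[3] == "FAIL"]
        for i, first in enumerate(fails):
            per_user = defaultdict(int)
            for e in fails[i:]:
                if e[0] - first[0] <= window:
                    per_user[e[2]] += 1
            # Brute force is narrow and deep; a spray is the opposite.
            if len(per_user) >= min_accounts and max(per_user.values()) <= max_per_account:
                # Any later success from the same source is a likely compromise.
                hits = sorted({e[2] for e in evs if e[3] == "OK" and e[0] >= first[0]})
                findings[src] = {"targeted": sorted(per_user), "compromised": hits}
                break
    return findings

if __name__ == "__main__":
    print(detect_spray(parse(SAMPLE_LOG)))
```

Only the first source is flagged: the repeated failures against a single account and the ordinary mistyped password followed by a success do not match the wide-and-shallow pattern.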

The blog post reported that the hackers searched through the email accounts soon after the intrusion to find out what Microsoft knew about them. It also noted that the attack did not result from a vulnerability in Microsoft products or services.

Midnight Blizzard is also known to cybersecurity researchers as APT29, Nobelium, or Cozy Bear and is linked to Russia’s SVR spy agency, according to U.S. officials, per Reuters. The same group is best known for its intrusion into the Democratic National Committee around the 2016 U.S. election.

Microsoft’s disclosure follows a new regulatory requirement implemented by the U.S. Securities and Exchange Commission (SEC) in December that requires publicly owned companies to disclose cyber incidents promptly. Affected companies must share a report about a hack’s impact within four business days of discovery, revealing the breach’s time, scope, and nature to the government.

There is no evidence that the threat actor had access to customer environments, production systems, source code, or AI systems. Microsoft said that it would notify customers if any action is required on their accounts.
