Microsoft Executives Hacked – Schneier on Security

3 months ago AndyC

Microsoft Executives Hacked
Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives.

Microsoft Executives Hacked

Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives.

Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself.

Tags: , , ,

Sidebar photo of Bruce Schneier by Joe MacInnis.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , ,

More Stories

Finland authorities warn of Android malware campaign targeting bank users

Finland authorities warn of Android malware campaign targeting bank users

39 mins ago AndyC
Law enforcement seized Lockbit group's website again

Law enforcement seized Lockbit group’s website again

7 hours ago AndyC
NATO and the EU formally condemned APT28 cyber espionage

NATO and the EU formally condemned APT28 cyber espionage

13 hours ago AndyC
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

19 hours ago AndyC
GenAI Continues to Dominate CIO and CISO Conversations

GenAI Continues to Dominate CIO and CISO Conversations

19 hours ago AndyC
Blackbasta gang Synlab Italia attack

Blackbasta gang Synlab Italia attack

2 days ago AndyC

You may have missed

Report Finds CISOs Struggle to Maintain Operational Security

Report Finds CISOs Struggle to Maintain Operational Security

34 mins ago AndyC

McAfee and Intel Collaborate to Combat Deepfakes with AI-Powered Deepfake Detection

38 mins ago AndyC
Finland authorities warn of Android malware campaign targeting bank users

Finland authorities warn of Android malware campaign targeting bank users

39 mins ago AndyC
Telstra to push back 3G switch-off

Telstra to push back 3G switch-off

4 hours ago AndyC
Nick Ellsmore to Lead Mantel Group’s Cybersecurity Capabilities

Nick Ellsmore to Lead Mantel Group’s Cybersecurity Capabilities

7 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.