Wired: https://www.wired.com/story/microsoft-hpe-midnight-blizzard-email-breaches/
Tech

Microsoft explained how its executives were spied on

admin

Microsoft and HPE in the Light of the Solar Winds Attack: A Case Study of a Cyber-Scale Attack Against Microsoft

Microsoft revealed last week that it had discovered a nation-state attack on its corporate systems from the Russian state-sponsored hackers that were behind the SolarWinds attack. Hackers were able to access the email accounts of some members of Microsoft’s senior leadership team — potentially spying on them for weeks or months.

The same group of hackers had previously gained access to the “cloud-based email environment” of Hewlett Packard Enterprise. HPE didn’t name the provider, but the company did reveal the incident was “likely related” to the “exfiltration of a limited number of [Microsoft] SharePoint files as early as May 2023.”

“We shouldn’t be surprised that Russian intelligence-backed threat actors, and SVR in particular, are targeting tech companies like Microsoft and HPE. Jake Williams is a former US National Security Agency hacker and current faculty member at the Institute for Applied Network Security.

Nobelium initially accessed Microsoft’s systems through a password spray attack. This type of attack is a brute force one that sees hackers use a dictionary of potential passwords against accounts. The non-production test tenant account didn’t have two-factor authentication enabled which is critical to the investigation. The password spray attacks were tailored to a limited number of accounts using a low number of attempts to avoid detection, says Microsoft.

Increased access gave the group the chance to create more malicious application and create accounts to access Microsoft’s corporate environment and Office 365 Exchange Online service which gives access to email inboxes.

Kurtz was right, more has come out, but there are still some key details missing. Microsoft does claim that if this same non-production test environment was deployed today then “mandatory Microsoft policy and workflows would ensure MFA and our active protections are enabled” to better protect against these attacks. Microsoft still has plenty more explaining to do, especially if it wants its customers to believe it’s truly improving the way it designs, builds, tests, and operates its software and services to better protect against security threats.

In, , ,
Previous post Families of Israeli Hostages are protesting to block aid to Gaza
Next post The ICJ finds the Gaza genocide case plausible

More Stories

Microsoft has created a new collaborative artificial intelligence playground called Copilot Pages

admin

Microsoft’s AI Assistant Copilot will be coming to Microsoft Teams and OneDrive later this month. As part of the announcement, Microsoft is also adding Python support to Excel to allow users to use it to conduct advanced analysis on spreadsheet data using natural language. Copilot will summarize conversations that happened in text chat and spoken ones in meetings later this month.

NASA’s Starliners don’t feel let down by Boeing

admin

NASA astronauts Suni Williams and Butch Wilmore, who were stranded in space for over two months due to technical issues with their Boeing Starliner spacecraft, have said they are still positive. The extended stay in space was caused by the technical issues with their ship, which was supposed to be a final test flight before Starliner would be certified for regular use in missions.

The seismologists couldn’t figure out what the weird signal was from the mega-landslide

admin

Researchers claim to have solved the mystery behind a tsunami in Greenland’s Dickson fjord last year. “The landslides produced a seiche that generated a striking seismological signature,” Columbia University geophysicist Gran Ekstrm said. “We definitely expect the frequency of landslides and tsunamis to increase in the Arctic as a result of global warming,” he added.

Famed Pacific island’s population is not real

admin

A new species of parasitoid wasp has been discovered in a Rapa Nui fruit fly, researchers have said. The new species, identified as melanogaster, infects the fly, which is known to be a model organism for the ecocide theory that claims Rapa Nui’s inhabitants were behind the impact of European settlement. It was found to carry DNA from the ancient Rapanui people.