Microsoft details the techniques that the Russian hacking group Midnight Blizzard used to breach the email accounts of its executives and other organizations
here's what that means for you

Mastodon:

Bert Hubert / @bert_hubert@fosstodon.org : Microsoft is trying to get all email users, including governments, to migrate to their cloud-based solutions. This makes their email cloud _THE_ prime target for nation-state/state sponsored hackers. Yet Microsoft appears to be leaving gaping security holes in the setup of their email services: https://arstechnica.com/...

@osma@mas.to : Basically, expect that any organization using Office 365 has been compromised beyond repair. — Too bad that involves nearly everyone, making it Too Big to Be Compromised. — https://arstechnica.com/...

X:

Steven Sinofsky / @stevesi : Midnight Blizzard: Guidance for responders on nation-state attack “Midnight Blizzard leveraged their initial access to identify and compromise a legacy test OAuth application that had elevated access to the Microsoft corporate environment.” // a test app with a common password...

LinkedIn:

Dana K. : Well, we now have a better idea how the Russian Nation State actors pivoted from a simple password spray attack to corporate executive email access. …

Sarah Armstrong-Smith : The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate …

Jeremy Dallman : Microsoft Threat Intel just published additional analysis and investigation findings on the recent nation state attacks by Midnight Blizzard (APT29, UNC2452, Cozy Bear) on Microsoft corporate systems. …

Dan Taylor : More on our ongoing investigation

Ann Johnson : In this blog, we provide more details on Midnight Blizzard, our preliminary and ongoing analysis of the techniques they used …