1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • A recent Microsoft data breach also let Russian hackers compromis

    From TechnologyDaily@1337:1/100 to All on Fri Jul 5 13:15:04 2024
    A recent Microsoft data breach also let Russian hackers compromise US federal agencies

    Date:
    Fri, 05 Jul 2024 13:11:25 +0000

    Description:
    US Department of Veteran Affairs and a few others were seemingly compromised, Microsoft warns.

    FULL STORY ======================================================================

    The cybersecurity breach that hit Microsoft in late 2023 also impacted the US Department of Veteran Affairs (VA), the US Agency for Global Media (USAGM), and the Peace Corps.

    The comapony notified both organizations about the breach in March 2024, and has even warned USAGM that the attackers might have stolen some data from its servers. Security data, as well as personally identifiable information (PII), was probably not taken.

    As our investigation continues, we have been reaching out to customers to notify them if they had corresponded with a Microsoft corporate email account that was accessed, Microsoft spokesperson Jeff Jones said to The Verge . We will continue to coordinate, support, and assist our customers in taking mitigating measures. Midnight Blizzard

    In late November 2023, Russian state-sponsored threat actors known as
    Midnight Blizzard (AKA Nobelium, or Cozy Bear) targeted Microsoft and managed to steal some sensitive information from certain highly-positioned individuals, including senior executives. It is not known exactly how many emails were accessed, but Microsoft did say that compromised accounts
    included those belonging to members of senior leadership and those working in cybersecurity and legal departments.

    The attack was spotted on January 12, and Microsoft noted the subsequent changes in the approach to security might cause some disruptions.

    At the time, the company noted how the attackers managed to compromise a legacy non-production test tenant account via a password spray attack.

    The group used that access to gain access to a very small percentage of Microsoft corporate accounts, the company said.

    Some emails and attached documents were stolen, Microsoft said, stating that the information was related to the Nobelium group. To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. More from TechRadar Pro Hundreds of Cobalt Strike linked servers taken down in major police operation Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/a-recent-microsoft-data-breach-also-let -russian-hackers-compromise-us-federal-agencies


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)