Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers

Share via:


Microsoft is revealing today that it has discovered a nation-state attack on its corporate systems from the same Russian state-sponsored group of hackers that were responsible for the sophisticated SolarWinds attack. Microsoft says the hackers, known as Nobelium, were able to access email accounts of some members of its senior leadership team late last year.

“Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents,” says the Microsoft Security Response Center in a blog post filed late on Friday.

Microsoft says the group was “initially targeting email accounts” for information about themselves, but it’s not clear what other emails and documents have been stolen in the process. Microsoft only discovered the attack last week on January 12th, and the company hasn’t disclosed how long the attackers were able to access its systems.

“The attack was not the result of a vulnerability in Microsoft products or services. To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems,” says Microsoft.

The attack took place just days after Microsoft announced its plan to overhaul its software security following major Azure cloud attacks. While Microsoft customers don’t appear to have been impacted in this new incident and this wasn’t the result of a Microsoft vulnerability, this is still the latest in a line of cybersecurity incidents for Microsoft. It found itself at the center of the SolarWinds attack nearly three years ago, then 30,000 organizations’ email servers were hacked in 2021 due to a Microsoft Exchange Server flaw, and Chinese hackers breached US government emails via a Microsoft cloud exploit last year.

Microsoft is now changing the way it designs, builds, tests, and operates its software and services. It’s the biggest change to its security approach since the company announced its Security Development Lifecycle (SDL) in 2004 after huge Windows XP flaws knocked PCs offline.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers


Microsoft is revealing today that it has discovered a nation-state attack on its corporate systems from the same Russian state-sponsored group of hackers that were responsible for the sophisticated SolarWinds attack. Microsoft says the hackers, known as Nobelium, were able to access email accounts of some members of its senior leadership team late last year.

“Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents,” says the Microsoft Security Response Center in a blog post filed late on Friday.

Microsoft says the group was “initially targeting email accounts” for information about themselves, but it’s not clear what other emails and documents have been stolen in the process. Microsoft only discovered the attack last week on January 12th, and the company hasn’t disclosed how long the attackers were able to access its systems.

“The attack was not the result of a vulnerability in Microsoft products or services. To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems,” says Microsoft.

The attack took place just days after Microsoft announced its plan to overhaul its software security following major Azure cloud attacks. While Microsoft customers don’t appear to have been impacted in this new incident and this wasn’t the result of a Microsoft vulnerability, this is still the latest in a line of cybersecurity incidents for Microsoft. It found itself at the center of the SolarWinds attack nearly three years ago, then 30,000 organizations’ email servers were hacked in 2021 due to a Microsoft Exchange Server flaw, and Chinese hackers breached US government emails via a Microsoft cloud exploit last year.

Microsoft is now changing the way it designs, builds, tests, and operates its software and services. It’s the biggest change to its security approach since the company announced its Security Development Lifecycle (SDL) in 2004 after huge Windows XP flaws knocked PCs offline.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

FInd your lost wallet with your iPhone using SwitchBot...

I have an AirTag on my keychain to...

M4 MacBook Pro teardown reveals nearly identical internals to...

While the new M4 MacBook Pros got a...

Apple @ Work: Understanding Apple’s Private Wi-Fi Address feature

Apple @ Work is exclusively brought to you...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!