hessen.social

gtbarryMicrosoft’s breach notification emails end up in spam folderThe Russian nation-state hacker group Midnight Blizzard penetrated Microsoft’s defenses last year“The notifications aren’t in the portal – they emailed tenant admins instead. The emails can go into spam. They also haven’t informed orgs via account managers”<a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://mastodon.social/tags/Russian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russian</a> <a href="https://mastodon.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mastodon.social/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#email</a> <a href="https://mastodon.social/tags/spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#spam</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackers</a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a><a href="https://cybernews.com/news/microsofts-breach-notification-emails-end-up-in-spam-folder/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cybernews.com/news/microsofts-breach-notification-emails-end-up-in-spam-folder/</a>

AAKLRevisiting <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a>'s recent <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> fiasco. <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> "According to Bloomberg, Microsoft also informed the US Agency for Global Media that some of its data may have been stolen. Security data and sensitive, personally identifiable information held by the agency is not believed to have been compromised. The Peace Corps was also notified of the Midnight Blizzard breach but told Bloomberg that it was able to 'mitigate the vulnerability'." Microsoft’s <a href="https://infosec.exchange/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> source code breach also impacted federal agencies <a href="https://www.theverge.com/2024/7/4/24192159/microsoft-midnight-blizzard-hack-targets" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theverge.com/2024/7/4/24192159/microsoft-midnight-blizzard-hack-targets</a> <a href="https://mastodon.social/@verge" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@verge</a>

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> informiert betroffene Kunden von <a href="https://social.tchncs.de/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a>-Spionage | Security <a href="https://www.heise.de/news/Microsoft-informiert-betroffene-Kunden-von-Midnight-Blizzard-Spionage-9783168.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Microsoft-informiert-betroffene-Kunden-von-Midnight-Blizzard-Spionage-9783168.html</a> <a href="https://social.tchncs.de/tags/CozyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CozyBear</a>

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/TeamViewer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TeamViewer</a>-Angriff: Die Spur führt nach <a href="https://social.tchncs.de/tags/Russland" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russland</a> 🇷🇺 | Security <a href="https://www.heise.de/news/TeamViewer-Angriff-Die-Spur-fuehrt-nach-Russland-9782630.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/TeamViewer-Angriff-Die-Spur-fuehrt-nach-Russland-9782630.html</a> <a href="https://social.tchncs.de/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> 🇷🇺 <a href="https://social.tchncs.de/tags/APT29" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT29</a> <a href="https://social.tchncs.de/tags/CozyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CozyBear</a> <a href="https://social.tchncs.de/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://social.tchncs.de/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCrime</a>

Don Trueten :antifa:Hoppla!<a href="https://mastodon.trueten.de/tags/Fernwartungssoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fernwartungssoftware</a> <a href="https://mastodon.trueten.de/tags/TeamViewer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TeamViewer</a> kompromittiertam 27.06.2024 wurde bekannt, dass der Fernwartungs-Anbieter "TeamViewer" am 26.06.2024 Anzeichen für eine Kompromittierung seiner internen IT-Systeme durch einen professionelle Cyber-Angreifer festgestellt hat.   Nach aktuellen Informationen könnte es sich bei dem Angreifer um die gleiche Gruppierung handeln, die für einen sogenannten "<a href="https://mastodon.trueten.de/tags/Lieferkettenangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lieferkettenangriff</a>" ein US-amerikanisches Unternehmen im Jahr 2020 verantwortlich gemacht wird. Beim damaligen Angriffs sind über eine <a href="https://mastodon.trueten.de/tags/Management" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Management</a>-Software des Anbieters tausende Kunden des Anbieters kompromittiert wurden. <a href="https://www.golem.de/news/teamviewer-gehackt-cyberangriff-trifft-populaere-fernwartungssoftware-2406-186526.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.golem.de/news/teamviewer-gehackt-cyberangriff-trifft-populaere-fernwartungssoftware-2406-186526.html</a> <a href="https://mastodon.trueten.de/tags/Nerdkram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nerdkram</a> <a href="https://mastodon.trueten.de/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a>

IT NewsMicrosoft ties executive pay to security following multiple failures and breaches - Enlarge / A PC running Windows 11. (credit: Microsoft) It's be... - <a href="https://arstechnica.com/?p=2021673" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/?p=2021673</a> <a href="https://schleuss.online/tags/midnightblizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#midnightblizzard</a> <a href="https://schleuss.online/tags/securitybreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securitybreach</a> <a href="https://schleuss.online/tags/storm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#storm</a>-0558 <a href="https://schleuss.online/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#biz</a>⁢ <a href="https://schleuss.online/tags/azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#azure</a> <a href="https://schleuss.online/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a>

Anke Domscheit-Berg🎙️Folge 32 von <a href="https://linke.social/tags/DerADBPodcast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DerADBPodcast</a> ist da! 💥 Harte Diskussionen im <a href="https://linke.social/tags/Digitalausschuss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Digitalausschuss</a>: <a href="https://linke.social/tags/Drohnen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Drohnen</a>, <a href="https://linke.social/tags/Hackerangriffe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hackerangriffe</a>, Cyber im Krieg u mehr!🛡️💻 Hört, was Verteidigungsminister <a href="https://linke.social/tags/Pistorius" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pistorius</a> u <a href="https://linke.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> zu sagen hatten. Extra: Einblicke zum <a href="https://linke.social/tags/GirlsDay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GirlsDay</a>! 👩‍💻 <a href="https://mdb.anke.domscheit-berg.de/2024/04/der-adb-podcast-32/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://mdb.anke.domscheit-berg.de/2024/04/der-adb-podcast-32/</a> <a href="https://linke.social/tags/Storm588" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Storm588</a> <a href="https://linke.social/tags/Midnightblizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Midnightblizzard</a> <a href="https://linke.social/tags/microsofthacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsofthacks</a> <a href="https://linke.social/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITSecurity</a> <a href="https://linke.social/tags/Milit%C3%A4r" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Militär</a>

Not SimonSplunk provides a detailed analysis of the tactics, techniques, and procedures (TTPs) employed by APT29 in the campaign targeting German political parties with the new WINELOADER backdoor. APT29, aka Midnight Blizzard and Cozy Bear, is publicly attributed to Russian Foreign Intelligence Service (SVR). IOC and Yara rules provided.🔗 <a href="https://www.splunk.com/en_us/blog/security/wineloader-analysis.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.splunk.com/en_us/blog/security/wineloader-analysis.html</a><a href="https://infosec.exchange/tags/APT29" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT29</a> <a href="https://infosec.exchange/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://infosec.exchange/tags/CozyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CozyBear</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/WINELOADER" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WINELOADER</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/IOC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOC</a> <a href="https://infosec.exchange/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://infosec.exchange/tags/cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberespionage</a>

Pyrzout :vm:US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft <a href="https://www.securityweek.com/us-government-on-high-alert-as-russian-hackers-steal-critical-correspondence-from-microsoft/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.securityweek.com/us-government-on-high-alert-as-russian-hackers-steal-critical-correspondence-from-microsoft/</a> <a href="https://social.skynetcloud.site/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://social.skynetcloud.site/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://social.skynetcloud.site/tags/DataBreaches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataBreaches</a> <a href="https://social.skynetcloud.site/tags/NationState" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NationState</a> <a href="https://social.skynetcloud.site/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.skynetcloud.site/tags/Featured" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Featured</a> <a href="https://social.skynetcloud.site/tags/Nobelium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nobelium</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.skynetcloud.site/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISA</a>

Nick EspinosaMicrosoft's Russian Attack Is WAY Worse Than What We Were Told!<a href="https://mastodon.social/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mastodon.social/tags/Cyberattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberattack</a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://mastodon.social/tags/CozyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CozyBear</a> <a href="https://mastodon.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://mastodon.social/tags/APT29" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT29</a><a href="https://youtu.be/Zb61RRCp4ZM" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/Zb61RRCp4ZM</a>

ComputerBaseMidnight Blizzard: Hacker bohren noch immer in Microsofts Systemen herum <a href="https://www.computerbase.de/2024-03/midnight-blizzard-hacker-bohren-noch-immer-in-microsofts-systemen-herum/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.computerbase.de/2024-03/midnight-blizzard-hacker-bohren-noch-immer-in-microsofts-systemen-herum/</a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mastodon.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://mastodon.social/tags/Hacker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacker</a> <a href="https://mastodon.social/tags/Cyberangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberangriff</a>

Bodo MenkeFive Eyes warning, that APT29 is going after MS customersWhy do I need a Wapo article to stumble over it? Were there any alerts in EU I missed (BSI?)? Any news on this already in European media outlets?„Microsoft attributed the ongoing attacks to an SVR group that it calls Midnight Blizzard and that other security companies refer to as APT29 or Cozy Bear.“<a href="https://hessen.social/tags/Microsoft" class="mention hashtag" rel="tag">#Microsoft</a> <a href="https://hessen.social/tags/M365" class="mention hashtag" rel="tag">#M365</a> <a href="https://hessen.social/tags/O365" class="mention hashtag" rel="tag">#O365</a> <a href="https://hessen.social/tags/EntraID" class="mention hashtag" rel="tag">#EntraID</a> <a href="https://hessen.social/tags/AzureAD" class="mention hashtag" rel="tag">#AzureAD</a> <a href="https://hessen.social/tags/Russia" class="mention hashtag" rel="tag">#Russia</a> <a href="https://hessen.social/tags/SVR" class="mention hashtag" rel="tag">#SVR</a> <a href="https://hessen.social/tags/APT29" class="mention hashtag" rel="tag">#APT29</a> <a href="https://hessen.social/tags/MidnightBlizzard" class="mention hashtag" rel="tag">#MidnightBlizzard</a> <a href="https://infosec.exchange/@JosephMenn/112062526327167579" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://infosec.exchange/@JosephMenn/112062526327167579</a>

Not SimonMicrosoft files an amendment FORM 8-K/A with the United States Securities and Exchange Commission (SEC) regarding the Midnight Blizzard attack. 🔗 <a href="https://www.sec.gov/Archives/edgar/data/789019/000119312524062997/d808756d8ka.htm" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.sec.gov/Archives/edgar/data/789019/000119312524062997/d808756d8ka.htm</a><blockquote>As disclosed in the Original Filing, the Company detected that beginning in late November 2023, a nation-state threat actor had gained access to and exfiltrated information from a very small percentage of employee email accounts including members of our senior leadership team and employees in our cybersecurity, legal, and other functions. Since the date of the Original Filing, the Company has determined that the threat actor used and continues to use information it obtained to gain, or attempt to gain, unauthorized access to some of the Company’s source code repositories and internal systems. The threat actor’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus. Our active investigations of the threat actor’s activities are ongoing, findings of our investigations will continue to evolve, and further unauthorized access may occur.</blockquote><a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://infosec.exchange/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://infosec.exchange/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a> <a href="https://infosec.exchange/tags/APT29" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT29</a> <a href="https://infosec.exchange/tags/CozyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CozyBear</a> <a href="https://infosec.exchange/tags/cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberespionage</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/SVR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SVR</a> <a href="https://infosec.exchange/tags/SEC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SEC</a>

Jan PenfratIs this a good moment to flee from all things <a href="https://eupolicy.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a>? <a href="https://eupolicy.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://eupolicy.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://eupolicy.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a><a href="https://arstechnica.com/security/2024/03/microsoft-says-kremlin-backed-hackers-accessed-its-source-and-internal-systems/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2024/03/microsoft-says-kremlin-backed-hackers-accessed-its-source-and-internal-systems/</a>

WinFuture.deMail-Hack mit Folgen: Russische Hacker klauen Quellcode von Microsoft <a href="https://mastodon.social/tags/Hacker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacker</a> <a href="https://mastodon.social/tags/Russland" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russland</a> <a href="https://mastodon.social/tags/Mail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mail</a> <a href="https://mastodon.social/tags/Code" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Code</a> <a href="https://mastodon.social/tags/Quellcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Quellcode</a> <a href="https://mastodon.social/tags/PasswordSpray" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PasswordSpray</a> <a href="https://mastodon.social/tags/Nobelium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nobelium</a> <a href="https://mastodon.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://winfuture.de/news,141628.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://winfuture.de/news,141628.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia</a>

IT NewsMicrosoft says Kremlin-backed hackers accessed its source and internal systems - Enlarge (credit: Getty Images) Microsoft said that Kremlin-bac... - <a href="https://arstechnica.com/?p=2008953" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/?p=2008953</a> <a href="https://schleuss.online/tags/midnightblizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#midnightblizzard</a> <a href="https://schleuss.online/tags/sourcecode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sourcecode</a> <a href="https://schleuss.online/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#biz</a>⁢ <a href="https://schleuss.online/tags/apts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apts</a>

k3ym𖺀Don't use Exchange On-Prem - It's riddled with vulnerabilities, they said.Use Office 365 - It's way more secure, they said.Meanwhile, MSFT leaving test OAuth accounts active, with: ✅ admin privileges ✅ weak password ✅ no MFA(insert jokerclapping.gif)<a href="https://arstechnica.com/security/2024/01/in-major-gaffe-hacked-microsoft-test-account-was-assigned-admin-privileges/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2024/01/in-major-gaffe-hacked-microsoft-test-account-was-assigned-admin-privileges/</a><a href="https://infosec.exchange/tags/cti" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cti</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/midnightblizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#midnightblizzard</a> <a href="https://infosec.exchange/tags/apt29" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt29</a>

Karl Voit :emacs: :orgmode:<a href="https://cybervillains.com/@alex" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@alex</a> (this one: <a href="https://en.wikipedia.org/wiki/Alex_Stamos" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://en.wikipedia.org/wiki/Alex_Stamos</a>) on the latest <a href="https://graz.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> Security Team hack allegedly by <a href="https://graz.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> and Microsoft's public incident response including appropriate "translations" by Alex:"Microsoft's Dangerous Addiction To <a href="https://graz.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> Revenue" <a href="https://www.linkedin.com/pulse/microsofts-dangerous-addiction-security-revenue-alex-stamos-1ukzc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/pulse/microsofts-dangerous-addiction-security-revenue-alex-stamos-1ukzc</a>TL;DR: MS fucks up big time and is using that for selling more of their security services. <a href="https://graz.social/tags/ethics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ethics</a> Background: <a href="https://www.wired.com/story/microsoft-hpe-midnight-blizzard-email-breaches/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/microsoft-hpe-midnight-blizzard-email-breaches/</a><a href="https://graz.social/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://graz.social/tags/ActiveDirectory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ActiveDirectory</a> <a href="https://graz.social/tags/AzureAD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AzureAD</a> <a href="https://graz.social/tags/complexity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#complexity</a>

d0pp3l6ang3r :verified: :donor:More details on <a href="https://infosec.exchange/tags/midnightblizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#midnightblizzard</a> ttp: targeted and precise password sprays to OAuth app chess moves. They must have had cloud app admin or global admin adjacent permissions to be able to this. <a href="https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/</a><a href="https://infosec.exchange/tags/sectoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sectoot</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Matt WillemsenMicrosoft got hacked by state sponsored group it was investigating <a href="https://www.malwarebytes.com/blog/news/2024/01/microsoft-got-hacked-by-state-sponsored-group-it-was-investigating" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.malwarebytes.com/blog/news/2024/01/microsoft-got-hacked-by-state-sponsored-group-it-was-investigating</a> <a href="https://mastodon.social/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://mastodon.social/tags/statesponsored" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#statesponsored</a> <a href="https://mastodon.social/tags/MidnightBlizzard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MidnightBlizzard</a> <a href="https://mastodon.social/tags/attack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#attack</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#midnightblizzard