HomeSecurity OperationsMicrosoft reports that Russian hacking group gained access to email accounts of...

Microsoft reports that Russian hacking group gained access to email accounts of top officials

Published on

spot_img

Microsoft revealed on Friday that a Russian hacking group managed to breach the email accounts of some senior leaders within the company. The cybersecurity team at Microsoft detected the attack, which was carried out by a nation-state actor known as Midnight Blizzard, on January 12, 2024. This same group was responsible for the infamous SolarWinds breach in 2020.

According to a blog post by the Microsoft Security Response Center, the hackers were able to access a small percentage of corporate email accounts, including those belonging to senior leadership and employees in the cybersecurity and legal departments. The attackers were able to extract some emails and documents, but Microsoft believes they were specifically targeting information related to Midnight Blizzard.

The breach, which began in late November 2023, was initiated through a “password spray attack,” where hackers attempt to access multiple accounts using commonly known passwords. Microsoft clarified that there is currently no evidence to suggest that the hackers gained access to customer environments or AI systems.

In response to the breach, Microsoft is in the process of notifying employees whose emails were compromised. The company is also working closely with law enforcement and regulators to investigate the incident further. Microsoft has pledged to share more information publicly as the investigation unfolds.

This recent attack underscores the ongoing threat posed by well-resourced nation-state actors like Midnight Blizzard. Microsoft’s systems have been the target of multiple high-profile hacking attempts in recent years, highlighting the importance of robust cybersecurity measures.

The Cybersecurity and Infrastructure Security Agency has not yet provided a comment on the hack, and Microsoft has declined to offer any additional statements. The FBI, however, has acknowledged the incident and is working with federal partners to provide assistance. They urge any victims of cyber incidents to contact their local FBI field office.

As the situation continues to develop, Microsoft will remain vigilant in protecting its systems and information from future cyber threats. This story will be updated with any new developments as they arise.

Source link

Latest articles

The Evolving Role of the CISO as the Future CFO

The Pressing Question of Cybersecurity Assurance: Is the CISO Role Sustainable? In the fast-evolving landscape...

Why the Gentlemen Ransomware Challenges Identity and Recovery Controls

Emerging Threat: The Gentlemen Ransomware Group Targeting Enterprises Globally A recent report by cybersecurity firm...

Chinese Cyberespionage Targets University Roundcube Servers

Espionage Campaign Targets University Departments with Advanced Cyber Tactics A sophisticated cyber-espionage campaign has recently...

Visa Threat Platform Tackles Payment Fraud

Visa Launches Advanced Threat Intelligence Platform to Combat Payment Fraud In a significant move to...

More like this

The Evolving Role of the CISO as the Future CFO

The Pressing Question of Cybersecurity Assurance: Is the CISO Role Sustainable? In the fast-evolving landscape...

Why the Gentlemen Ransomware Challenges Identity and Recovery Controls

Emerging Threat: The Gentlemen Ransomware Group Targeting Enterprises Globally A recent report by cybersecurity firm...

Chinese Cyberespionage Targets University Roundcube Servers

Espionage Campaign Targets University Departments with Advanced Cyber Tactics A sophisticated cyber-espionage campaign has recently...