HomeSecurity OperationsMicrosoft reports that Russian hacking group gained access to email accounts of...

Microsoft reports that Russian hacking group gained access to email accounts of top officials

Published on

spot_img

Microsoft revealed on Friday that a Russian hacking group managed to breach the email accounts of some senior leaders within the company. The cybersecurity team at Microsoft detected the attack, which was carried out by a nation-state actor known as Midnight Blizzard, on January 12, 2024. This same group was responsible for the infamous SolarWinds breach in 2020.

According to a blog post by the Microsoft Security Response Center, the hackers were able to access a small percentage of corporate email accounts, including those belonging to senior leadership and employees in the cybersecurity and legal departments. The attackers were able to extract some emails and documents, but Microsoft believes they were specifically targeting information related to Midnight Blizzard.

The breach, which began in late November 2023, was initiated through a “password spray attack,” where hackers attempt to access multiple accounts using commonly known passwords. Microsoft clarified that there is currently no evidence to suggest that the hackers gained access to customer environments or AI systems.

In response to the breach, Microsoft is in the process of notifying employees whose emails were compromised. The company is also working closely with law enforcement and regulators to investigate the incident further. Microsoft has pledged to share more information publicly as the investigation unfolds.

This recent attack underscores the ongoing threat posed by well-resourced nation-state actors like Midnight Blizzard. Microsoft’s systems have been the target of multiple high-profile hacking attempts in recent years, highlighting the importance of robust cybersecurity measures.

The Cybersecurity and Infrastructure Security Agency has not yet provided a comment on the hack, and Microsoft has declined to offer any additional statements. The FBI, however, has acknowledged the incident and is working with federal partners to provide assistance. They urge any victims of cyber incidents to contact their local FBI field office.

As the situation continues to develop, Microsoft will remain vigilant in protecting its systems and information from future cyber threats. This story will be updated with any new developments as they arise.

Source link

Latest articles

Cynomi’s Focus on Autonomous AI Agents for Security Teams

CEO David Primor Discusses the Impact of AI on Engineering Productivity Cynomi, a promising player...

Forescout Discovers AI-Powered Phishing Campaign Featuring Fake eCards

Emerging Threats: The Sophisticated SeasonalInvite Phishing Campaign Exposed by Forescout In an eye-opening revelation, new...

Microsoft Addresses 570 CVEs in Historic Patch Tuesday

Microsoft Releases Unprecedented Number of Security Updates In a significant move, Microsoft has announced the...

Malware Attacks Japan’s Leading Taxi Company Nihon Kotsu

Japan's leading taxi service provider, Nihon Kotsu, recently faced a significant cybersecurity incident that...

More like this

Cynomi’s Focus on Autonomous AI Agents for Security Teams

CEO David Primor Discusses the Impact of AI on Engineering Productivity Cynomi, a promising player...

Forescout Discovers AI-Powered Phishing Campaign Featuring Fake eCards

Emerging Threats: The Sophisticated SeasonalInvite Phishing Campaign Exposed by Forescout In an eye-opening revelation, new...

Microsoft Addresses 570 CVEs in Historic Patch Tuesday

Microsoft Releases Unprecedented Number of Security Updates In a significant move, Microsoft has announced the...