Location:Home >> News >> Benefits to You

Microsoft reveals new wave of attacks by Russia’s Midnight Blizzard

Microsoft reveals new wave of attacks by Russia’s Midnight Blizzard

 Microsoft has revealed that a group of Russian state-sponsored hackers, known as Nobelium or Midnight Blizzard, has been spying on the email accounts of some of its senior leaders and stealing some of its source code. This is the same group that was behind the massive SolarWinds attack that compromised several US government agencies and private companies last year.



In a blog post, Microsoft said that in recent weeks, it has seen evidence that Midnight Blizzard is using the information it obtained from its corporate email systems to gain unauthorized access to some of its source code repositories and internal systems. However, Microsoft assured that it had not found evidence that its customer-facing systems had been compromised.

Microsoft’s stolen source code
Microsoft did not specify what source code was accessed by the hackers. Still, it warned that Midnight Blizzard is now attempting to use “secrets of different types it has found” further to breach the software giant and potentially its customers. These secrets include confidential information shared between customers and Microsoft in email, such as passwords, keys, or certificates. Microsoft said it is contacting these customers to help them take mitigating measures.

The source code is the underlying code that makes up Microsoft’s software products and services. It is usually protected by intellectual property rights and kept secret from competitors and malicious actors. By stealing the source code, the hackers could potentially find vulnerabilities, exploit them, or create counterfeit versions of Microsoft’s software.

The password spray attack
Microsoft said Midnight Blizzard initially accessed its systems through a password spray attack last year. This is a brute-force attack where hackers use a large list of common or weak passwords to try logging into multiple accounts. Microsoft admitted that it had configured a non-production test account without two-factor authentication enabled, which allowed Midnight Blizzard to gain access.

Microsoft said that it has increased its security investments, coordination, and mobilization and has enhanced its ability to defend itself and secure its environment against this advanced persistent threat. It also said that it has and will continue to implement enhanced security controls, detections, and monitoring.

The aftermath of the attack
The attack on Microsoft came just days after the company announced its plan to overhaul its software security following serious Azure cloud attacks. Microsoft has recently been at the center of several high-profile security attacks, including 30,000 organizations’ email servers getting hacked in 2021 due to a Microsoft Exchange Server flaw and Chinese hackers breaching US government emails via a Microsoft cloud exploit last year.

Microsoft is still investigating Midnight Blizzard’s latest attacks on its systems. The attack on Microsoft is also part of a broader campaign by Russia’s SVR, the foreign intelligence service, to target various sectors and organizations worldwide.

Special Reminder & Disclaimer:
The information of this website comes from the Internet. The content (pictures, videos and words) released by this website is mainly the content submitted by users and reproduced by users. The purpose is to convey more information, which does not mean that this website agrees with its views. The originality, statements, and content of this article have not been verified by this website. We do not guarantee or promise the authenticity, completeness, or timeliness of this article or all or part of its content or text. Please verify the relevant content on your own. This website does not assume direct or joint liability for infringement of such works. If any content on this website infringes on your rights, please contact us promptly (email: nssa@soufind.com )This site will complete the processing within 72 hours. The original content on this website cannot be reproduced without permission, or the source must be indicated when reprinting: nssa.vip Aerospace Alliance

Author: 网络佚名

Recommended for you

Post comments

admin

Contact Us

Contact Us

Online consultation: QQ交谈

Email: service#soufind.com

follow us on WeChat
Scan and follow us on WeChat

Scan and follow us on WeChat