🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

Microsoft's senior executives targeted in Russian hackers' password spray attack

Business Insider

Business Insider · 1y ago

Microsoft's senior executives targeted in Russian hackers' password spray attack

Russian state-backed hackers have been targeting Microsoft systems, gaining unauthorized access to a small percentage of corporate email accounts. The hacking group, known as Midnight Blizzard, launched password spray attacks to infiltrate the accounts and gained access to source code repositories and internal systems, potentially enabling further attacks. Microsoft detected the unauthorized activity in late November 2023, with an increase in attacks in February. The company is working to defend against this advanced persistent threat and is collaborating with law enforcement and regulators as the investigation continues. No evidence of access to customer environments or AI systems has been found.

Related News

Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers

The Verge

The Verge · 1y ago

Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers

Microsoft has disclosed that a Russian state-sponsored group, Nobelium, responsible for the SolarWinds attack, also targeted the company's corporate systems. The hackers gained access to email accounts of some members of Microsoft's senior leadership team in late 2023. They used a password spray attack to compromise a non-production test tenant account and accessed a small percentage of corporate email accounts. While it's unclear what information was stolen, Microsoft has stated that there is no evidence of access to customer environments, production systems, or source code.

Microsoft says Russian hackers stole source code after spying on its executives

The Verge

The Verge · 1y ago

Microsoft says Russian hackers stole source code after spying on its executives

Microsoft has disclosed that the Russian state-sponsored hacking group behind the SolarWinds attack has stolen some of its source code. The group, known as Nobelium or "Midnight Blizzard," initially gained access to Microsoft's systems through a password spray attack last year. While Microsoft has found no evidence of compromising customer-facing systems, it is warning that the hackers are attempting to use the stolen information to breach the software giant and potentially its customers. The attack comes after Microsoft announced plans to enhance its software security following previous cyberattacks on its systems.

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

TechCrunch · 1y ago

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Russian hackers known as Midnight Blizzard have targeted Microsoft's source code and internal systems, according to a recent blog post by the company. Microsoft stated that the hackers have gained unauthorized access by using information obtained from a previous cyberattack. The intrusion follows Microsoft's revelation in January that Russian government hackers had broken into the company's systems last November. Midnight Blizzard, also known as APT29 or Cozy Bear, is believed to be linked to Russia's Foreign Intelligence Service, SVR.

Microsoft Under Constant Attack by Russian Hackers, Filing Says

Gizmodo

Gizmodo · 1y ago

Microsoft Under Constant Attack by Russian Hackers, Filing Says

Russian government-linked hackers, known as Midnight Blizzard, are persistently attempting to breach Microsoft's systems using information stolen in a 2023 hack. The intrusion is serious enough that Microsoft has reported it to the SEC. While no evidence suggests customer-facing systems have been compromised, the hackers gained access to a small percentage of employee email accounts, including those of senior leadership and cybersecurity personnel. Microsoft has observed an increase in brute force password-guessing attempts by the group. Hewlett Packard Enterprise also reported that Midnight Blizzard compromised its Office 365 cloud email environment.

Microsoft informs customers that Russian hackers spied on emails

Economic Times

Economic Times · 1y ago

Microsoft informs customers that Russian hackers spied on emails

Russian hackers managed to breach Microsoft's systems earlier this year, gaining access to staff inboxes and stealing emails from its customers. This incident highlights the extent of the breach and raises concerns about the security of Microsoft's software and systems against foreign threats. The hackers, believed to be linked to the Russian government, targeted cybersecurity researchers who were investigating the actions of a Russian hacking group. Microsoft is now notifying affected customers and sharing compromised emails as part of its ongoing investigation into the breach.

Five Eyes top agencies issue warning that Russian hackers are targeting the cloud — and the human factor is once again to blame

Techradar

Techradar · 1y ago

Five Eyes top agencies issue warning that Russian hackers are targeting the cloud — and the human factor is once again to blame

The Five Eyes alliance issued a warning that Russian hacker groups are targeting cloud services as their preferred method of attack. Instead of focusing on on-prem infrastructure, hackers are shifting their attention to cloud-based environments. The methods used, such as password spraying and brute force attacks, remain consistent, but threat actors are now exploiting cloud services directly. The advisory provides mitigation and detection techniques, including the use of MFA, strong passwords, and restricting user access. The use of MagicWeb malware by Russian hackers is also highlighted.

Australian spies blame Russian for major cyberattack

Economic Times

Economic Times · 1y ago

Australian spies blame Russian for major cyberattack

According to the Economic Times, Australian intelligence agencies have identified Russian hackers as the culprits behind a major cyberattack. The attack targeted Australian government organizations, businesses, and individuals. The Australian government has not publicly named Russia as the responsible party, but officials have privately attributed the attack to the country. This incident highlights the ongoing cybersecurity concerns and tensions between nations in the digital world.

In major gaffe, hacked Microsoft test account was assigned admin privileges

Arstechnica

Arstechnica · 1y ago

In major gaffe, hacked Microsoft test account was assigned admin privileges

Hackers breached Microsoft's network and accessed email accounts of top executives by exploiting an aging test account with administrative privileges that lacked multifactor authentication. Microsoft provided more details on the attack, revealing that the hackers abused the OAuth authorization protocol to gain persistent access to privileged email accounts. By creating a malicious app and assigning it access rights to all email addresses on Microsoft's Office 365 email service, the hackers were able to maintain control even if they lost access to the compromised accounts. The incident highlights a significant configuration error made by Microsoft.

Microsoft says Russian-state sponsored hackers have been able to access internal systems

Economic Times

Economic Times · 1y ago

Microsoft says Russian-state sponsored hackers have been able to access internal systems

Microsoft reported on Friday that a Russian state-sponsored hacking group called Midnight Blizzard has successfully infiltrated its source code repositories and internal systems. The breach was initially discovered by Microsoft in January but has escalated in February, with the hackers increasing the volume of their attack. The group is reportedly using various secrets they have obtained to target Microsoft's customers.

Microsoft says Russian hackers attacked it to find information about themselves

Business Insider

Business Insider · 1y ago

Microsoft says Russian hackers attacked it to find information about themselves

Microsoft revealed that its security systems were breached by a Russian hacking group called Midnight Blizzard, the same group behind the SolarWinds cyberattack. The hackers accessed a small percentage of corporate email accounts, including those of senior leaders, legal and cybersecurity personnel. Microsoft stated that the attack was not due to any vulnerability in its products or services and that there is no evidence of the hackers gaining access to customer environments or source code.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

June 2025

Helping your parents when you are miles away

The Pit Stop Your Cravings Deserve

The next generation E-commerce platform

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

ChatGPT is testing a mysterious n ...

Jack Dorsey working on Bluetooth ...

Meta acquires voice startup Play ...

Download the medial app to read full posts, comements and news.