Security News > 2020 > December > Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers
The hacking endeavor was reported to the company by Microsoft's Threat Intelligence Center on December 15, which identified a third-party reseller's Microsoft Azure account to be making "Abnormal calls" to Microsoft cloud APIs during a 17-hour period several months ago.
The undisclosed affected reseller's Azure account handles Microsoft Office licensing for its Azure customers, including CrowdStrike.
It also coincides with a new report from The Washington Post today, which alleges Russian government hackers have breached Microsoft cloud customers and stolen emails from at least one private-sector company by taking advantage of a Microsoft reseller that manages cloud-access services.
"Our investigation of recent attacks has found incidents involving abuse of credentials to gain access, which can come in several forms. We have not identified any vulnerabilities or compromise of Microsoft product or cloud services," Microsoft's Senior Director Jeff Jones said in an email response to The Hacker News.
CrowdStrike has also released CrowdStrike Reporting Tool for Azure, a free tool that aims to help organizations review excessive permissions in their Azure Active Directory or Office 365 environments and help determine configuration weaknesses.
News URL
Related news
- A Hacker's Era: Why Microsoft 365 Protection Reigns Supreme (source)
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft creates fake Azure tenants to pull phishers into honeypots (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Hackers steal 15,000 cloud credentials from exposed Git config files (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Microsoft warns Azure Virtual Desktop users of black screen issues (source)