What Microsoft's latest email breach says about this IT security heavyweight
Microsoft declined to answer The Register's questions about the digital heist, or its security in general.
This marks the second time since 2020 the same gang of Kremlin-backed cyber spies - whom Microsoft now calls Midnight Blizzard, used to track as Nobelium, and most call Cozy Bear - has invaded Microsoft.
Following the theft of the Microsoft security key that China used to break into US government email accounts in July - and at the urging of US Senator Ron Wyden - the US Cyber Safety Review Board launched an investigation into the Microsoft breach and the larger issues surrounding cloud security.
Presumably, the review board had begun its Microsoft analysis when Cozy Bear broke into corporate email accounts last year.
Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account's permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents.
"It is inexcusable that Microsoft still hasn't required multi-factor authentication, which is cybersecurity 101 and would have prevented this latest attack," Wyden told The Register.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/01/24/microsoft_latest_breach_cozy_bear/