Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails
Microsoft disclosed on Jan. 19 that a nation-state-backed attack began in November 2023, in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts.
The attackers gained access in November 2023 using a legacy test tenant account.
"The attack was not the result of a vulnerability in Microsoft products or services," the Microsoft team wrote.
Password spraying is a brute-force attack in which threat actors spam, or "spray," commonly used passwords against many different accounts in one organization or application.
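Password spraying as described above leaves a recognizable pattern in sign-in logs: one source failing against many accounts with only a try or two each, unlike a classic brute force against a single account. The following Python detector is an added example, not part of the original article; the log format, thresholds, account names and IP addresses are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events: timestamp, result, account, source IP.
SAMPLE_LOG = """\
2024-01-10T09:00:05 FAIL alice 203.0.113.7
2024-01-10T09:00:41 FAIL bob 203.0.113.7
2024-01-10T09:01:13 FAIL carol 203.0.113.7
2024-01-10T09:01:52 FAIL dave 203.0.113.7
2024-01-10T09:02:30 FAIL svc-test 203.0.113.7
2024-01-10T09:03:02 OK svc-test 203.0.113.7
2024-01-10T09:05:00 FAIL erin 198.51.100.20
2024-01-10T09:05:04 FAIL erin 198.51.100.20
2024-01-10T09:05:09 FAIL erin 198.51.100.20
2024-01-10T09:05:15 FAIL erin 198.51.100.20
2024-01-10T09:05:21 FAIL erin 198.51.100.20
2024-01-10T09:06:00 OK frank 192.0.2.44
"""

def parse(log):
    for line in log.splitlines():
        ts, result, account, src = line.split()
        yield datetime.fromisoformat(ts), result, account, src

def detect_spray(log, window=timedelta(minutes=10), min_accounts=5, max_per_account=2):
    """Flag sources that fail against many accounts, few tries each, in one window."""
    events = sorted(parse(log))
    fails = defaultdict(list)  # source IP -> [(timestamp, account)] in time order
    for ts, result, account, src in events:
        if result == "FAIL":
            fails[src].append((ts, account))
    findings = {}
    for src, items in fails.items():
        start = 0
        for end in range(len(items)):
            # Slide the window start forward until it spans at most `window`.
            while items[end][0] - items[start][0] > window:
                start += 1
            per_account = Counter(acct for _, acct in items[start:end + 1])
            if len(per_account) >= min_accounts and max(per_account.values()) <= max_per_account:
                # A success from the same source since the window began needs urgent review.
                hits = sorted({a for t, r, a, s in events
                               if s == src and r == "OK" and t >= items[start][0]})
                findings[src] = {"accounts": sorted(per_account), "succeeded": hits}
                break
    return findings
```

The repeated failures against `erin` are not flagged because they target one account; that pattern is what per-account lockout rules catch, while spraying stays under them and needs the per-source view.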
"Companies should prioritize educating employees on the benefits of robust passwords and 2FA, as well as the hallmarks of social engineering attacks, malicious links and attachments, and the dangers of insecure password sharing," said Gary Orenstein, chief customer officer at password management service firm Bitwarden, in an email to TechRepublic.
With regard to nation-state actors specifically, Microsoft said attacks like the recent password spraying attack caused the company to change "the balance we need to strike between security and business risk - the traditional sort of calculus is simply no longer sufficient."
News URL
https://www.techrepublic.com/article/microsoft-midnight-blizzard-nation-state-attack/