Security News > 2024 > January > Microsoft Executives Hacked
Microsoft is reporting that a Russian intelligence agency-the same one responsible for SolarWinds-accessed the email system of the company's executives.
Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account's permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents.
The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself.
Jos January 29, 2024 7:40 AM. There is also a blog post with more details on Midnight Blizzard and it's way of working available at Microsoft security blog.
Reader Two January 29, 2024 7:55 AM. I hope someone is looking for correlations between stock trading and email hacks.
I'd hate to think insider trading is a profit center for Russian hackers.
News URL
https://www.schneier.com/blog/archives/2024/01/microsoft-executives-hacked.html