Microsoft network breached through passwordspraying by Russianstate hackers Ars Technica

Image for article Microsoft network breached through passwordspraying by Russianstate hackers  Ars Technica
News Source : Ars Technica

News Summary

  • Access to email accounts belonging to “senior leadership… cybersecurity, and legal" teams using just the permissions of a "test tenant account” suggests that someone gave that test account amazing privileges..
  • Microsoft's account raises the prospect that the Russian hackers had uninterrupted access to the accounts for as long as two months.A translation of the 93 words quoted above: A device inside Microsoft’s network was protected by a weak password with no form of two-factor authentication employed..
  • A successful password spray attack suggests no 2FA and either reused or weak passwords..
  • We are in the process of notifying employees whose email was accessed.Microsoft didn’t detect the breach until January 12, exactly a week before Friday’s disclosure..
  • The Russian adversary group was able to guess it by peppering it with previously compromised or commonly used passwords until they finally landed on the right one..
  • The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself..
33Russiastate hackers exploited a weak password to compromise Microsofts corporate network and accessed emails and documents that belonged to senior executives and employees working in security an [+3613 chars]

Must read Articles