Photo by Windows on Unsplash
Russian Hackers Target Microsoft Senior Leadership Emails
January 22, 2024
Microsoft has revealed that some of its corporate email accounts were breached, and the data was stolen by a Russian state-sponsored hacking group known as Midnight Blizzard. The company detected the attack on Jan. 12, 2024, according to a blog post.
Further investigation into the hacking determined that Microsoft’s systems were breached in November 2023 when Midnight Blizzard conducted what is believed to be a password spray attack to access a legacy non-production account.
A password spray is when someone collects a list of potential login names and attempts to log in to them using one particular password. If that password fails, they repeat it with other passwords until they run out or successfully breach the account.
The password worked on what Microsoft said was an old test account. The hackers then used the account’s privileges to access multiple email streams.
Microsoft says it was hacked by Russian state-sponsored group https://t.co/CIIw3vBhIe pic.twitter.com/7wt6P3fdPV
— Reuters (@Reuters) January 19, 2024
The blog post reported that the hackers searched through the email accounts soon after the intrusion to find out what Microsoft knew about them. It also noted that the attack did not result from a vulnerability in Microsoft products or services.
Midnight Blizzard is also known as APT29, Nobelium, or Cozy Bear by cybersecurity researchers and linked to Russia’s SVR spy agency, according to U.S. officials, per Reuters. This same group is best known for intruding on the Democratic National Committee surrounding the 2016 U.S. election.
Microsoft’s disclosure follows a new regulatory requirement implemented by the U.S. Securities and Exchange Commission (SEC) in December that mandates publicly owned companies to disclose cyber incidents promptly. Affected companies must share a report about a hack’s impact within four business days of discovery — revealing the breach’s time, scope, and nature to the government.
There is no evidence that the threat actor had access to customer environments, production systems, source code, or AI systems. Microsoft said that it would notify customers if any action is required on their accounts.
Recent News
New Trader Joe’s Opens in SF After 10 Years
San Francisco’s Hayes Valley neighborhood welcomed a highly anticipated new addition on May 17, 2024, with the grand opening of a Trader Joe’s at 555 Fulton St., on the corner of Laguna Street. This event marks the end of a decade-long wait for residents who have been eagerly looking forward to a new grocery store in their area.
China’s Property Market Boost: Stocks Surge, Copper Hits Highs
The Chinese government unveiled a comprehensive support package that has sent ripples through financial markets. This initiative includes a slew of measures aimed at stimulating housing demand and addressing the excess inventory burdening developers. The immediate impact was a significant rally in Chinese stocks and a surge in commodity prices, notably copper, which hit record highs.
Mercedes-Benz Workers in Alabama Reject Union
In a pivotal moment for autoworkers in the southern United States, employees at a Mercedes-Benz plant in Alabama have voted against joining the United Auto Workers (UAW) union. The outcome, with 56% of workers voting against unionization and 44% in favor, comes as a significant setback for the UAW’s efforts to expand its influence in the region.
Petaluma’s Annual American Graffiti Celebration
This weekend, Petaluma gears up for its annual homage to the iconic film “American Graffiti” with an array of festivities sure to delight car enthusiasts and nostalgia seekers alike.