Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2024/02/24 11:49 a.m.30 views

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable th...

7.5AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/07 7:42 p.m.20 views

Storm-0558 Update: Takeaways from Microsoft's recent report

The Wiz research team examines Microsoft's latest Storm-0558 findings and summarizes the key learnings cloud customers should take away from the incident...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/07 7:14 a.m.59 views

Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach

Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer's corporate account. This enabled the adversary to access a debugging environment that contained informatio...

6.6AI score
Exploits0
MSRC
MSRC
added 2023/09/06 7:0 a.m.32 views

Results of Major Technical Investigations for Storm-0558 Key Acquisition

March 12, 2024 update As part of our continued commitment to transparency and trust outlined in Microsoft’s Secure Future Initiative, we are providing further information as it relates to our ongoing investigation. This new information does not change the customer guidance we previously shared, n...

7AI score
Exploits0
hivepro
hivepro
added 2023/08/01 4:50 a.m.16 views

Attacks, Vulnerabilities and Actors 24 July to 30 July 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, We identified a total of six executed attacks, one adversary activities, and five zero-day vulnerabilities including...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/07/24 1:36 p.m.21 views

Storm-0558 Chinese Threat Actor Targets Email Accounts

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0558, a China-based threat actor with espionage objectives, has been targeting email data from approximately 25 organizations using tactics like credential harvesting, OAuth token, and phishing...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/21 3:14 p.m.55 views

Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports

The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account MSA consumer signing key used to forge Azure Active...

6.8AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/21 2:1 p.m.11 views

Compromised Microsoft Key: More Impactful Than We Thought

Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impa...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/19 1:0 a.m.25 views

Microsoft validation error allowed state actor to access user email of government agencies and others

Microsoft is getting criticized for the way in which it handled a serious security incident that allowed a suspected Chinese espionage group to access user email from approximately 25 organizations, including government agencies and related consumer accounts in the public cloud. The attacks were...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/15 6:41 a.m.52 views

Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens

Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory Azure AD tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account MSA consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consum...

7.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/07/14 5:0 p.m.41 views

Analysis of Storm-0558 techniques for unauthorized email access

Executive summary On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that weve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/13 6:14 a.m.37 views

U.S. Government Agencies' Emails Compromised in China-Backed Cyber Attack

An unnamed Federal Civilian Executive Branch FCEB agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft's discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advisory released by th...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/12 10:45 a.m.21 views

Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments

Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of which include government agencies, in a cyber espionage campaign designed to acquire confidential data. The attacks, which commenced on May 15, 2023,...

7AI score
Exploits0
MSRC
MSRC
added 2023/07/11 7:0 a.m.29 views

Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email

UPDATE: Microsoft performed a comprehensive technical investigation into the acquisition of the Microsoft account consumer signing key, including how it was used to access enterprise email. Our technical investigation has concluded, and on September 6, 2023, we published our investigation finding...

6.8AI score
Exploits0
Rows per page
Query Builder