Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.

Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.

  • Admiral PatrickEnglish
    449 months ago

    Oh, no. Imagine all the havoc that could be wrought if the source code for an operating system was released onto the internet /s

    That’s why you should never rely on security through obscurity.

    – Sent from my Linux desktop

    • @assemblyEnglish
      109 months ago

      I hope these hackers didn’t also get the source code to RockyLinux or I’m screwed man. If all you need is source code access, I won’t be safe after that. :-)

    • rutellthesinful
      39 months ago

      wouldn’t the counterpoint to that be all the vulnerabilities that have sat out in the open for years before finally being reported?

    • @rdriEnglish
      09 months ago

      Chances are it didn’t involve the OS source code. If you read the article, previously Microsoft reported about source code for service components like Exchange, Azure etc.