Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.

  • Bipta
    link
    fedilink
    3
    edit-2
    8 months ago

    Midnight Blizzard hacks Microsoft again

    Today, Microsoft says that Midnight Blizzard is using secrets found in the stolen data to gain access to some of the company’s systems and source code repositories in recent weeks.