- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.
What does it matter?
Source code is available for most of their infrastructure is what I’m saying.