Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

posted onApril 4, 2024
by l33tdawg
Bleeping Computer
Credit: Bleeping Computer

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key.

Microsoft believes that last May's Exchange Online hack is linked to a threat actor known as 'Storm-0558' stealing an Azure signing key from an engineer's laptop that was previously compromised by the hackers at an acquired company.

Storm-0558 is a cyberespionage actor affiliated with China that has been active for more than two decades targeting a wide range of organizations. Almost 10 months after Microsoft started the investigation, the CSRB states there isn’t any definitive evidence on how the threat actor obtained the signing key, regardless of what Microsoft previously claimed.

Source

Tags

Microsoft Security

You May Also Like

Other Articles In This Section

Recent News

Friday, May 31st

Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit
Law enforcement operation takes aim at an often-overlooked cybercrime linchpin
Tech giants form AI group to counter Nvidia with new interconnect standard
Musk can’t avoid testifying in SEC probe of Twitter buyout by playing victim

Wednesday, May 29th

Neuralink rival sets brain-chip record with 4,096 electrodes on human brain
US sanctions operators of “free VPN” that routed crime traffic through user PCs
OpenAI training its next major AI model, forms new safety committee
Cops Are Just Trolling Cybercriminals Now
How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet

Tuesday, May 28th

Japanese police arrest man after computer viruses created by misusing AI
Notorious Data Leak Site Breachforums is back From the Seizure
A high-severity vulnerability affects Cisco Firepower Management Center
OpenAI backpedals on scandalous tactic to silence former employees
Apple clarifies iOS 17.5 bug that exposed deleted photos
Newly discovered ransomware uses BitLocker to encrypt victim data

Friday, May 24th

Dutch cybercops tracked a crypto theft to one of the world’s worst botnets
He Trained Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark-Web Drug Market
A Leak of Biometric Police Data Is a Sign of Things to Come
A root-server at the Internet’s core lost touch with its peers. We still don’t know why.
Crooks plant backdoor in software used by courtrooms around the world

Thursday, May 23rd

Anyone Can Trick AI Bots into Spilling Passwords
GitHub addresses maximum severity Enterprise Server vulnerability
Neuralink’s First User Is ‘Constantly Multitasking’ With His Brain Implant
Humane AI Pin is a disaster: Founders already want to sell the company
Here’s what’s really going on inside an LLM’s neural network

Tuesday, May 21st

23-year-old man accused of running $100 million online narcotics marketplace
Scarlett Johansson Says OpenAI Ripped Off Her Voice for ChatGPT

Monday, May 20th

WikiLeaks' Julian Assange Can Appeal His Extradition to the US, British Court Says
Craig Wright Lied About Creating Bitcoin And Faked Evidence, Judge Rules
Two students find security bug that could let millions do laundry for free
Lazarus Group Moves $147.5M in Stolen Crypto (BTC, ETH) to North Korea, UN Report Reveals
Time Is Running Out in the Hunt for Rare Bitcoin
“Unprecedented” Google Cloud event wipes out customer account and its backups
What happened to OpenAI’s long-term AI risk team?

Thursday, May 16th

Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks