Skip to main content

Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

posted onApril 4, 2024
by l33tdawg
Bleeping Computer
Credit: Bleeping Computer

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key.

Microsoft believes that last May's Exchange Online hack is linked to a threat actor known as 'Storm-0558' stealing an Azure signing key from an engineer's laptop that was previously compromised by the hackers at an acquired company.

Storm-0558 is a cyberespionage actor affiliated with China that has been active for more than two decades targeting a wide range of organizations. Almost 10 months after Microsoft started the investigation, the CSRB states there isn’t any definitive evidence on how the threat actor obtained the signing key, regardless of what Microsoft previously claimed.

Source

Tags

Microsoft Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th