"CISA Issues Emergency Directive After Russian Hackers Breach Microsoft Email System"
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed that a Russian hacker group, Midnight Blizzard, compromised Microsoft corporate email accounts to exfiltrate correspondence between US government agencies and Microsoft, posing a significant risk. This follows Microsoft's report of a Moscow-sponsored hacker group accessing emails, documents, and source code repositories. CISA has issued an emergency directive for affected agencies to review and enhance security measures, including analyzing exfiltrated content, resetting compromised credentials, and securing authentication tools for privileged Microsoft Azure accounts. Midnight Blizzard, also known as Nobelium and Cozy Bear, is associated with Russia’s Foreign Intelligence Service and was behind the 2020 SolarWinds hack.
- Russian Hackers Steal US Government Correspondence Through Microsoft Hack: US Agency Kyiv Post
- ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System CISA
- CISA warns Microsoft email breach may lead to hacks at other agencies The Washington Post
- US cyber agency says Russian hackers used Microsoft access to steal government emails Reuters
- CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits Dark Reading
Reading Insights
0
0
2 min
vs 3 min read
75%
423 → 104 words
Want the full story? Read the original article
Read on Kyiv Post