"Microsoft's Security Failures Exposed: Unraveling the 2023 Exchange Attack"
The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has criticized Microsoft's handling of the 2023 Exchange Online attack, stating that the company needs to improve data security and transparency regarding the theft of an Azure signing key by cyberespionage actor 'Storm-0558.' Microsoft has been unable to provide conclusive evidence on how the threat actor obtained the signing key, despite attributing the hack to Storm-0558 stealing the key from an engineer's compromised laptop. The hackers accessed email accounts using a 2016 Microsoft Services Account (MSA) key that should have been revoked in 2021, leading to the compromise of over 500 individuals at 22 organizations. The CSRB report highlights the need for enhanced logging features and improved key management, while Microsoft continues to investigate the incident.
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack BleepingComputer
- 'Cascade of errors' by Microsoft led to Chinese email hack of top US officials, scathing report says New York Post
- U.S. government board calls Microsoft's security practices "inadequate" Axios
- US reprimands Microsoft for security failures that allowed Chinese hack The Guardian
- Microsoft really blew it, says government report on Chinese hacks Business Insider
Reading Insights
0
1
6 min
vs 7 min read
90%
1,256 → 127 words
Want the full story? Read the original article
Read on BleepingComputer