tldrdaily.news logo
Tag

Email Breach

All articles tagged with #email breach

cybersecurity1 year ago

"Russian Hackers Compromise US Government Emails Through Microsoft Breach"

Russian state-backed hackers have stolen email correspondence between US government agencies and Microsoft, potentially compromising login information such as usernames and passwords. While there is no evidence of successful breaches into federal computer systems, US officials are taking the breach seriously and have issued an emergency directive for affected agencies to bolster their defenses. This incident is the latest in a series of foreign hacking campaigns targeting US government agencies through Microsoft software, with the hackers having a history of wide-ranging intelligence gathering campaigns in support of the Kremlin.

via CNN|
#cybersecurity#email-breach#microsoft
cybersecurity1 year ago

"US Government Report Blames Microsoft for Chinese Hack Breaching Senior Officials' Emails"

A US government-backed review has criticized Microsoft for a series of errors that allowed Chinese hackers to breach the company's network and access the email accounts of senior US officials, including the secretary of commerce and US diplomats. The report faulted Microsoft for inadequate protection of a sensitive cryptographic key, leading to the unauthorized access. The incident has raised concerns about cybersecurity and the need for improved practices in the face of cyber-espionage campaigns tied to China and Russia.

via CNN|
#chinese-hackers#cybersecurity#email-breach
technology1 year ago

"Learning from Microsoft's Russian Hacking Incident: New Guidance and Mistakes to Avoid"

Microsoft confirmed that Kremlin-backed spies gained access to its network and stole internal emails and files after exploiting a legacy, non-production test tenant account that did not have multi-factor authentication (MFA) enabled. The attackers used password spray attacks and compromised a test OAuth application to access corporate inboxes belonging to top Microsoft executives and staff. Microsoft has acknowledged the need for faster implementation of MFA and has provided guides for administrators to prevent similar breaches. The incident has raised concerns about the insufficient MFA protection within the company and highlighted the importance of basic security hygiene.

via The Register|
#cybersecurity#email-breach#mfa
technology2 years ago

"Unraveling Microsoft's Response to Recent Cybersecurity Breaches"

Microsoft disclosed that Russia's Cozy Bear breached its network and stole emails and files belonging to its leadership team, cybersecurity, and legal employees. This is the second breach by the same group since 2020. The company's security practices have been criticized, with calls for multi-factor authentication and reevaluation of government dependence on Microsoft. Despite these breaches, Microsoft remains a major player in cybersecurity and continues to win government and enterprise contracts.

via The Register|
#china#cybersecurity#email-breach
cyber-espionage-emails-security2 years ago

Russian State-Sponsored Hackers Breach Microsoft Execs' Emails

Microsoft discloses a sophisticated nation-state cyber attack by a Russian APT group, Midnight Blizzard, resulting in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The attack, which began in late November 2023, involved a password spray attack to compromise a legacy non-production test tenant account. While the exact number of email accounts infiltrated and the information accessed were not disclosed, Microsoft emphasized that the breach did not stem from any security vulnerability in its products and that there is no evidence of access to customer environments, production systems, source code, or AI systems.

via The Hacker News|
#apt29#cyber-attack#cyber-espionage-emails-security
cybersecurity2 years ago

Russian-backed Hackers Breach Microsoft Corporate Emails

Microsoft disclosed that some of its corporate email accounts were breached by a Russian-backed group known as Midnight Blizzard, which gained access to a small percentage of email accounts, including those of senior leadership and cybersecurity personnel. The hackers exfiltrated some emails and documents before their access was removed by Microsoft. The company stated that there is no evidence of access to customer environments, production systems, source code, or AI systems, and it is in the process of informing affected users while the investigation continues.

via ABC News|
#cybersecurity#email-breach#hacking
cybersecurity2 years ago

Russian State-Sponsored Hackers Breach Microsoft Executive Emails

Russian intelligence group Nobelium, responsible for the SolarWinds breach, accessed some of Microsoft's top executives' email accounts in a recent attack. The group exfiltrated emails and documents from a small percentage of corporate email accounts, including those of senior leadership and employees in cybersecurity and legal functions. Microsoft does not believe customer data, production systems, or proprietary source code were accessed. The attack comes amidst ongoing conflict between Russia and Ukraine, and follows new U.S. requirements for disclosing cybersecurity incidents. Microsoft is continuing its investigation and working with law enforcement and regulators.

via CNBC|
#cybersecurity#email-breach#microsoft
cybersecurity2 years ago

Chinese Hackers Target Republican Lawmaker's Emails

Republican congressman Rep. Don Bacon of Nebraska revealed that his personal and campaign email accounts were breached by suspected Chinese hackers, making him the first known lawmaker to be targeted in an alleged Chinese espionage campaign. The hackers also accessed the unclassified email accounts of senior State Department and Commerce Department officials. Bacon's support for Taiwan and criticism of China's treatment of the Uyghur minority group may have made him a target. The FBI confirmed the hack, indicating an ongoing investigation, while tensions between the US and China have escalated due to the cyberattacks.

via CNN|
#chinese-hackers#cybersecurity#email-breach
cybersecurity2 years ago

US Cyber Inquiry to Investigate Microsoft's Role in Email Breach and Chinese Hackers' Theft of US Government Emails

A US cybersecurity advisory panel, known as the Cyber Safety Review Board, will investigate risks in cloud computing, including Microsoft's role in a recent breach of government officials' email accounts by suspected Chinese hackers. The board will focus on risks to cloud computing infrastructure broadly and examine all relevant cloud service providers. The decision to investigate cloud computing follows a request by Senator Ron Wyden to investigate Microsoft's role in the breach. Microsoft is facing increasing scrutiny over its ability to protect customers from breaches, and the company has been criticized for its lack of transparency and negligent cybersecurity practices. The board issues a report detailing what went wrong and makes recommendations for future changes after concluding an investigation.

via Yahoo Finance|
#cloud-computing#cybersecurity#email-breach
cybersecurity2 years ago

Chinese Hackers Target Top U.S. Diplomats and Microsoft Cloud Services

Chinese hackers have breached the email accounts of top U.S. diplomats, including the U.S. Ambassador to China and the Assistant Secretary of State for East Asia, as part of a targeted intelligence-gathering campaign. The breach, which also affected the email account of the Secretary of Commerce, is believed to be linked to a larger Chinese hacking operation that targeted about 25 organizations, including some U.S. government agencies. The U.S. has warned China that it will hold the hackers responsible for their actions, while security experts highlight the increasing sophistication of Beijing's cyber espionage capabilities.

via CNBC|
#china-us-tensions#chinese-hackers#cybersecurity
cybersecurity2 years ago

Chinese Hackers Breach U.S. Ambassador's Email, Officials Confirm

China-linked hackers have reportedly accessed the email accounts of the US ambassador to China, Nicholas Burns, and the assistant secretary of state for East Asia, Daniel Kritenbrink, as part of a targeted intelligence-gathering campaign. The breach, which also affected Commerce Secretary Gina Raimondo's email account, was limited to unclassified email accounts. Last week, it was confirmed that hackers based in China had breached email accounts of the State and Commerce departments. The US government has not disclosed the number of people affected, and the incident remains under investigation.

via NBC News|
#china#cybersecurity#email-breach
cybersecurity2 years ago

Chinese Hackers Breach U.S. Government Email Accounts, Microsoft Confirms

Microsoft has revealed that hackers based in China breached the email accounts of approximately 25 organizations, including multiple government agencies. While the affected countries and agencies were not named, at least one U.S. government agency was targeted. The hackers primarily focus on spying on western governments, and Microsoft worked with the federal Cybersecurity and Infrastructure Security Agency to remove them from the compromised systems. The breach occurred between May 15 and June 16, with the hackers primarily seeking access to email accounts. It is unclear whether the hacker group is affiliated with the Chinese government, but China has denied any involvement.

via NBC News|
#china#cybersecurity#email-breach