"Microsoft's Security Failures Exposed: Unraveling the 2023 Exchange Attack"
The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has criticized Microsoft's handling of the 2023 Exchange Online attack, stating that the company needs to improve data security and transparency regarding the theft of an Azure signing key by cyberespionage actor 'Storm-0558.' Microsoft has been unable to provide conclusive evidence on how the threat actor obtained the signing key, despite attributing the hack to Storm-0558 stealing the key from an engineer's compromised laptop. The hackers accessed email accounts using a 2016 Microsoft Services Account (MSA) key that should have been revoked in 2021, leading to the compromise of over 500 individuals at 22 organizations. The CSRB report highlights the need for enhanced logging features and improved key management, while Microsoft continues to investigate the incident.