"CISA Issues Emergency Directive After Russian Hackers Breach Microsoft Email System"
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed that a Russian hacker group, Midnight Blizzard, compromised Microsoft corporate email accounts to exfiltrate correspondence between US government agencies and Microsoft, posing a significant risk. This follows Microsoft's report of a Moscow-sponsored hacker group accessing emails, documents, and source code repositories. CISA has issued an emergency directive for affected agencies to review and enhance security measures, including analyzing exfiltrated content, resetting compromised credentials, and securing authentication tools for privileged Microsoft Azure accounts. Midnight Blizzard, also known as Nobelium and Cozy Bear, is associated with Russia’s Foreign Intelligence Service and was behind the 2020 SolarWinds hack.