Tag

Svr

All articles tagged with #svr

cybersecurity · 1 year ago

"Microsoft Continues Battle Against Russian State Hackers"

Microsoft is still grappling with Russian state hackers who breached the email accounts of senior company executives in November and have been attempting to breach customer networks using stolen access data. The hackers, known as Cozy Bear, are linked to Russia's SVR foreign intelligence service and have compromised source-code repositories and internal systems. Microsoft has disclosed that the hackers stole "secrets" from email communications, including cryptographic secrets, and is reaching out to affected customers to assist with mitigation measures. The ongoing attack raises concerns about the national security implications and the heavy reliance on Microsoft's software monoculture, with cybersecurity experts criticizing the company's handling of vulnerabilities and security practices.

cybersecurity · 1 year ago

"Microsoft Continues Battle Against Russian State-Backed Hackers"

Microsoft admits that Russian state hackers, known as Cozy Bear, are still active within its systems, with access to stolen email communications and source code repositories. The hackers, linked to the SVR foreign intelligence service, have compromised customer networks using stolen access data and continue to pose a significant threat. This revelation raises concerns about the national security implications and the potential for supply chain attacks against Microsoft's customers. Cybersecurity experts criticize Microsoft's handling of the situation and express alarm over the ongoing breaches, while the company states that it has not yet determined the financial impact of the incident.

cybersecurity · 1 year ago

"Microsoft Battles Russian State Hackers: Breaches and Stolen Source Code"

Microsoft is still grappling with Russian state hackers who breached the email accounts of senior executives in November and have been attempting to infiltrate customer networks using stolen access data. The hackers, linked to Russia's SVR foreign intelligence service, used the stolen data to compromise source-code repositories and internal systems. Microsoft revealed that the hackers obtained "secrets" from email communications, such as passwords and authentication keys, and may be leveraging supply chain attacks against its customers. The ongoing breach underscores the significant national security implications and the risks associated with the heavy reliance on Microsoft's software.

cybersecurity · 1 year ago

"Evolution of Russian Cyber Actors' Tactics in Cloud Attacks"

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory detailing the tactics, techniques, and procedures (TTPs) of the SVR-attributed cyber espionage group APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The advisory outlines how these actors have adapted to target cloud-based infrastructure, including accessing cloud environments, using service and dormant accounts, employing cloud-based token authentication, enrolling new devices to the cloud, and utilizing residential proxies to stay covert. The report also provides mitigation and detection strategies to defend against these tactics.

cybersecurity · 1 year ago

"Unraveling the Russian Hacks: Microsoft and HPE Cybersecurity Breaches Exposed"

Security experts expect more companies to reveal email hacks by Russian intelligence agents, following disclosures by Microsoft and Hewlett-Packard Enterprise. The attacks are deeper and broader than currently known, with more than 10 companies expected to come forward. The SVR foreign intelligence service, known as Midnight Blizzard or Cozy Bear, has been inside targeted companies for months, using sophisticated techniques to gain access. The breaches are concerning as many companies and agencies rely on Microsoft and HPE for cloud services, including email. The Department of Homeland Security is working to learn more about the attack and its potential impact, while Microsoft's detection technique suggests multiple targets have been hit with an attack method that works against its system for authorizing access.

cybersecurity · 2 years ago

Russian State-Backed Hackers Breach Microsoft Corporate Emails

State-backed Russian hackers breached Microsoft's corporate email system, accessing the accounts of senior leaders and employees in cybersecurity and legal teams. The intrusion, discovered in January, was attributed to the same Russian hacking team responsible for the SolarWinds breach. Microsoft stated that only a small percentage of corporate accounts were accessed, and some emails and documents were stolen. The company has removed the hackers' access and is in the process of notifying affected employees. The attack was initiated by compromising credentials on a "legacy" test account, and Microsoft has clarified that there is no evidence of the threat actor having access to customer environments, production systems, source code, or AI systems.

cybersecurity · 2 years ago

Russian Hackers Breach Microsoft's Senior Leadership Emails

Microsoft revealed that Russian hackers, linked to Russia's SVR spy agency, breached the email accounts of its senior leadership and legal teams after initially targeting employees tracking Russian hackers. The hackers gained access by bombarding an account with possible passwords, then used it to view select employees' email accounts and download attachments. Microsoft believes customers and products were not affected and is notifying affected employees. The incident underscores the ongoing threat posed by well-resourced nation-state actors to organizations.