Microsoft says a Russian state-sponsored hacking group known as Midnight Blizzard/Nobelium used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of
"Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself."
https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
Password spraying is low-tech and pervasive. The good news is, you can password spray your own users just like the bad guys can, and then tighten things up.
BrianKrebs /
npub1rf…5t9xk
2024-01-20 00:04:50
Author Public Key
npub1rfdvtvmesnz7x7s3hjg5q2dgrup9xfh209gvj36angljrfy5edtq25t9xkPublished at
2024-01-20 00:04:50Event JSON
{
"id": "84efc8f3170fd3467d3df9c66a9a7947501f959d8490c4b4e0e0b832426160d4",
"pubkey": "1a5ac5b37984c5e37a11bc914029a81f025326ea7950c9475d9a3f21a494cb56",
"created_at": 1705709090,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/briankrebs/statuses/111785350937086770",
"activitypub"
]
],
"content": "Microsoft says a Russian state-sponsored hacking group known as Midnight Blizzard/Nobelium used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of \n\n\"Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself.\"\n\nhttps://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/\n\nPassword spraying is low-tech and pervasive. The good news is, you can password spray your own users just like the bad guys can, and then tighten things up.",
"sig": "8d09ad2f4a54fd0c3a3385d793724f4ab888685a21a4b4e4c077cf41b7cfb35ee2235ca6a2938d754197d84b9a733f694aa7f5d4b8170b59aa7a1e2b1f0f92df"
}