Search
Close this search box.
An image of a white envelope with a blue lock symbol in the center, shown with cracks symbolizing a breach in cybersecurity. The envelope is set against a blue background, and a small Microsoft logo is located near the bottom.

Sophisticated APT Cyberattack Linked to Russia Compromises Email Systems, Microsoft and Senior Executives Targeted

NewsroomCyber Espionage / Emails Security Jan 20, 2024

 

The theft of emails and attachments from senior executives and other members of the company’s cybersecurity and legal departments resulted in Microsoft being the target of a nation-state attack on its corporate systems, it was revealed on Friday.

APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes are other names for the Russian advanced persistent threat ( APT ) group that the Windows maker tracks as Midnight Blizzard ( previously Nobelium ).

It added that as soon as the malicious activity was discovered on January 12, 2024, it immediately took steps to investigate, disrupt, and mitigate it. According to estimates, the campaign started in late November 2023.

Cybersecurity

The threat actor “exfiltrated some emails and attached documents” and “used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions,” according to Microsoft.

According to Redmond, the targeting’s nature suggests that the threat actors were seeking access to information about themselves. It also emphasized that there is no proof that the attacker accessed customer environments, production systems, source code, or AI systems and that it was not the result of any security flaw in its products.

The computing behemoth, however, said it was the process of notifying employees who were impacted as a result of the incident and did not disclose how many email accounts were infiltrated or what information was accessed.

Cybersecurity

The hacking group, which was previously in charge of the high-profile SolarWinds supply chain compromise, has singled out Microsoft twice, once in December 2020 to steal source code related to Azure, Intune, and Exchange components and twice in June 2021 to breach three of its customers using password spraying and brute force attacks.

According to the Microsoft Security Response Center ( MSRC ),” this attack does highlight the ongoing risk posed to all organizations by well-resourced nation-state threat actors like Midnight Blizzard.”

 

View Related Posts: 

Meet the Airmen Who Assist Families of the Fallen During Respected Transfers

 

Lean More About DoD Cybersecurity, Cyber Threats and Related Contents

Learn why IDShield offers the best security and value.

www.sentrypc.com

PureVPN - Best VPN and Your Trusted Partner for Internet Freedom

🔥BIG SAVINGS 82% Off PureVPN.🔥 Secure Your Online Privacy Now. LIMITED OFFER!

🔥 SAVE 82% OFF 🔥 on PureVPN! Limited Offer – Enhance Your Digital Security Today.
Click To View Offer on PureVPN Website

NordVPN - Your Passport to Unrestricted Freedom

Embrace Digital Freedom and Security with NordVPN.
🔥Up To 63% Off🔥

Start Today Your Journey to a Safer Internet Today!
Click To View Offer on NordVPN Website

Protect Your Data with DeleteMe the Go-To-Solution

DeleteMe is Your Guardian Against Identity Theft and Online Exposure!
🔥Take 20% Off - Click Here to View Code🔥
Malwarebytes Browser Guard filters out annoying ads and scams while blocking trackers that spy on you.
Malwarebytes for Home | Anti-Malware Premium | Free Trial Download
Try Ultahost - The best place to get secure, inexpensive shared web hosting services!
View deals and specials on Used Macs, Mac hardware, Mac accessories, and more. Shop now!

DoD Cybersecurity protecting your digital world one secure step at a time with DoD Cybersecurity Blogs.
DoDCybersecurityblogs.com | All Rights Reserved | Designed by Omar Solomon

Skip to content