23.01.2024 22:04:26
|
Microsoft Discloses Breach By Russian Cybercriminals
(RTTNews) - Microsoft Corp. (MSFT) announced that its corporate systems were breached by Russian state-sponsored threat actors in November 2023. However, the intrusion remained undetected until January 2024.
The group responsible for the attack, known as Midnight Blizzard (also APT29, Cozy Bear, or Nobelium), was previously involved in the SolarWinds supply chain attack in 2020.
According to the Microsoft Security Research Center, the attackers utilized a basic password spray attack to compromise several poorly protected corporate email accounts, including those of senior leadership, legal teams, and cybersecurity teams. Consequently, the company is now advocating for an overhaul of its older systems. The breached email accounts contained information sought by the attackers about Microsoft's knowledge of Midnight Blizzard.
Despite the breach, Microsoft has stated that it was able to cut off access to the compromised accounts after the discovery and has assured customers that the hackers did not gain access to AI systems, customer environments, source codes, or production systems.
The company has collaborated with law enforcement and regulators to manage the breach. This incident underscores the importance of adhering to security best practices. Although there are advanced attack methods, hackers often succeed with simple techniques such as password spraying and brute force attacks.
The fact that the threat actors could access Microsoft's accounts for two months without being noticed also revealed a lack of attention to security postures, emphasizing the importance of continuously monitoring cloud logs.
Furthermore, the breach underscores the significance of ongoing cloud log monitoring for security. The successful cyberattack against Microsoft emphasizes the need to protect sensitive information in less critical systems like email and file sharing. Experts suggest implementing continuous monitoring of cloud logs to identify unusual activities before attackers gain access and extract sensitive data.
Wenn Sie mehr über das Thema Aktien erfahren wollen, finden Sie in unserem Ratgeber viele interessante Artikel dazu!
Jetzt informieren!
Nachrichten zu Microsoft Corp.mehr Nachrichten
20.12.24 |
Freitagshandel in New York: Dow Jones verliert zum Handelsstart (finanzen.at) | |
20.12.24 |
Why Microsoft needs nuclear energy (Financial Times) | |
19.12.24 |
Microsoft-Aktie schwächer: ChatGPT von Microsoft-Investment OpenAI kann nun auch telefonisch erreicht werden (dpa-AFX) | |
18.12.24 |
Optimismus in New York: Dow Jones am Nachmittag freundlich (finanzen.at) | |
18.12.24 |
Gute Stimmung in New York: Dow Jones-Anleger greifen mittags zu (finanzen.at) | |
18.12.24 |
Microsoft-Aktie sinkt dennoch: UBS sieht weiteres Potenzial und empfiehlt weiterhin 'Buy' (dpa-AFX) | |
18.12.24 |
Optimismus in New York: Dow Jones zum Start des Mittwochshandels in der Gewinnzone (finanzen.at) | |
18.12.24 |
FirstFT: Microsoft buys twice as many Nvidia AI chips as its rivals in 2024 (Financial Times) |
Analysen zu Microsoft Corp.mehr Analysen
18.12.24 | Microsoft Buy | UBS AG | |
12.12.24 | Microsoft Outperform | RBC Capital Markets | |
20.11.24 | Microsoft Buy | Jefferies & Company Inc. | |
20.11.24 | Microsoft Buy | Goldman Sachs Group Inc. | |
20.11.24 | Microsoft Overweight | JP Morgan Chase & Co. |