The recent breach into Microsoft’s network and its top executives’ email by hackers, traced back to Russia-state group Midnight Blizzard, was facilitated through an outdated test account with administrative privileges. The hackers employed a technique called “password spraying” to exploit a weak credential and infiltrate the unprotected account. They compounded this access by creating a malicious app, granting it rights to every email on Microsoft’s Office 365 service.

Week in review: High severity WordPress vulnerabilities, fake OAuth IDs bypass sign-in logs
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Two new high severity WordPress vulnerabilities, patch immediately! The 7.0.2


