The recent breach into Microsoft’s network and its top executives’ email by hackers, traced back to Russia-state group Midnight Blizzard, was facilitated through an outdated test account with administrative privileges. The hackers employed a technique called “password spraying” to exploit a weak credential and infiltrate the unprotected account. They compounded this access by creating a malicious app, granting it rights to every email on Microsoft’s Office 365 service.
CISA Releases Security Advisory on 13 Industrial Control System Threats
The Cybersecurity and Infrastructure Security Agency (CISA) issued thirteen advisories to address vulnerabilities in industrial control systems (ICS), mainly in various Siemens systems and products
