cognitive cybersecurity intelligence

News and Analysis

Search

In major gaffe, hacked Microsoft test account was assigned admin privileges

The recent breach into Microsoft’s network and its top executives’ email by hackers, traced back to Russia-state group Midnight Blizzard, was facilitated through an outdated test account with administrative privileges. The hackers employed a technique called “password spraying” to exploit a weak credential and infiltrate the unprotected account. They compounded this access by creating a malicious app, granting it rights to every email on Microsoft’s Office 365 service.

Source: arstechnica.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

China-Linked Espionage Groups Target Asian Telecoms

Three Chinese-linked cyber-espionage groups, called Fireant, Neeedleminer, and Firefly by Broadcom’s cybersecurity division Symantec, have targeted telecommunications operators in Asia. Compromising these operators allows the