Search cyberveille.decio.ch

Found 7 bookmarks

Newest

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of an old, inactive account. This serves as a stark reminder of the importance of password security and why organizations need to protect every user account.

#thehackernews #EN #2024 #Microsoft #MidnightBlizzard #lesson-learned #password-spray

·thehackernews.com·Mar 30, 2024

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Microsoft says the ongoing hacking is part of the Russian government's efforts to figure out what information Microsoft has on its hackers.

#techcrunch #EN #2024 #cyberattack #hacking #microsoft #MidnightBlizzard

·techcrunch.com·Mar 8, 2024

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

#Microsoft #EN #2024 #incident #update #Midnight #MidnightBlizzard

·msrc.microsoft.com·Mar 8, 2024

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Midnight Blizzard: Guidance for responders on nation-state attack

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.

#microsoft #2024 #EN #Midnight #MidnightBlizzard #guide #attack #TTP

·microsoft.com·Jan 26, 2024

Midnight Blizzard: Guidance for responders on nation-state attack

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

#microsoft #EN #2024 #annonce #MidnightBlizzard #APT29

·msrc.microsoft.com·Jan 20, 2024

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.

#thehackernews #en #2024 #Microsoft #APT29 #Russia #theft #mail #executives #attack #MidnightBlizzard

·thehackernews.com·Jan 20, 2024

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Midnight Blizzard conducts targeted social engineering over Microsoft Teams

Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).

#microsoft #EN #2023 #research #Social-engineering #NOBELIUM #MidnightBlizzard #Teams

·microsoft.com·Aug 4, 2023

Midnight Blizzard conducts targeted social engineering over Microsoft Teams