A “cascade” of errors let Chinese hackers into US government inboxes
Help Net Security www.helpnetsecurity.com
Microsoft still doesn’t know how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials. “The stolen 2016 MSA key in combination with [a] flaw in the token validation system permitted the threat actor to gain full access to essentially any Exchange Online account,” CISA’s Cyber Safety Review Board (CSRB) noted in a recently released Review of the …