all InfoSec news
CSRB: Microsoft Should Refocus on Security After Cloud Intrusion
Malware Analysis, News and Indicators - Latest topics malware.news
In a new report on last summer’s compromise of more than 20 Microsoft customers, including the Department of State, by a Chinese state-affiliated threat group, the Cyber Safety Review Board (CSRB) cited a series of failures in Microsoft’s internal security practices and cloud platform controls that led to the attackers gaining access to a cryptographic signing key that in turn handed them the ability to access victims’ cloud-based email inboxes.
The CSRB report, released Tuesday, is the end …
attackers board chinese cloud cloud platform compromise controls csrb customers cyber cyber safety cyber safety review board department department of state failures internal intrusion led microsoft platform practices report review safety security series state summer threat threat group