all InfoSec news
Microsoft: Compromised Account, Series of Errors Led to Email Cloud Hack
Malware Analysis, News and Indicators - Latest topics malware.news
Microsoft has detailed how China-based threat actors behind a cyberattack disclosed earlier this year accessed a Microsoft account consumer signing key, allowing them to forge tokens to access OWA and Outlook.com and ultimately compromise enterprise mail accounts.
While Microsoft in its initial disclosure of the attack in July said that attackers were able to access the private, inactive Microsoft consumer account key, questions remained about how they acquired that key. After further investigation, Microsoft revealed on Wednesday that the attackers …
access account accounts attack china cloud compromise compromised consumer cyberattack disclosure email enterprise errors forge hack july key led mail microsoft outlook outlook.com owa series signing signing key threat threat actors tokens ultimately