Results of Major Technical Investigations for Storm-0558 Key Acquisition | allinfosecnews.com

Sept. 6, 2023, 7 a.m. |

Microsoft Security Response Center msrc-blog.microsoft.com

On July 11, 2023, Microsoft published a blog post which details how the China-Based threat actor, Storm-0558, used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA and Outlook.com. Upon identifying that the threat actor had acquired the consumer key, Microsoft performed a comprehensive technical investigation into the acquisition of the Microsoft account consumer signing key, including how it was used to access enterprise email.

access account acquisition actor blog blog post china consumer forge investigation investigations july key major microsoft outlook outlook.com owa results storm storm-0558 technical threat threat actor tokens

More from msrc-blog.microsoft.com / Microsoft Security Response Center

Congratulations to the Top MSRC 2024 Q1 Security Researchers! 1 week, 6 days ago | msrc-blog.microsoft.com

check chen customers hard +13

Toward greater transparency: Adopting the CWE standard for Microsoft CVEs 3 weeks, 1 day ago | msrc-blog.microsoft.com

center communities current customers +20

Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team 4 weeks ago | msrc-blog.microsoft.com

analysts banking collect curiosity +20

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard 1 month, 3 weeks ago | msrc-blog.microsoft.com

actions actor attack blizzard +24

Faye’s Journey: From Security PM to Diversity Advocate at Microsoft 2 months ago | msrc-blog.microsoft.com

career deployment desktop desktops +9

Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and … 2 months ago | msrc-blog.microsoft.com

award awards bounty bug +16

From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin 2 months ago | msrc-blog.microsoft.com

adventures cybersecurity dream found +7

An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career … 2 months, 1 week ago | msrc-blog.microsoft.com

bruce career college dream +13

New Security Advisory Tab Added to the Microsoft Security Update Guide 2 months, 2 weeks ago | msrc-blog.microsoft.com

advisory customers feedback guide +16

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Emergency Management Invoice Compliance Reviewer

@ AC Disaster Consulting | Denver, Colorado, United States - Remote

View on infosec-jobs.com

Threat Intelligence Librarian

@ Microsoft | Cheltenham, Gloucestershire, United Kingdom

View on infosec-jobs.com

Cyber Content Operations Manager - Remote in UK

@ Immersive Labs | United Kingdom

View on infosec-jobs.com

(Junior) Security Engineer (m/w/d)

@ CHECK24 | Berlin, Germany

View on infosec-jobs.com

Cyber Security

@ Necurity Solutions | Bengaluru, Karnataka, India

View on infosec-jobs.com