all InfoSec news
Russians Used Microsoft’s Stolen Authentication Secrets to Access Source Code
Heimdal Security Blog heimdalsecurity.com
Midnight Blizzard hackers used Microsoft’s stolen authentication secrets to advance into their internal system and access source code. The Russian attackers initially used password spraying to get into a legacy non-production test tenant account. Microsoft disclosed this initial attack in January 2024. The compromised account had access to an OAuth application with elevated privilege to […]
The post Russians Used Microsoft’s Stolen Authentication Secrets to Access Source Code appeared first on Heimdal Security Blog.
access account attack attackers authentication blizzard code compromised cybersecurity news hackers internal january january 2024 legacy microsoft midnight midnight blizzard non oauth password password spraying production russian russians secrets source code spraying stolen system test