topic Microsoft Officials’ eMail Breached by State-Sponsored Threat Actors in Threats https://community.isc2.org/t5/Threats/Microsoft-Officials-eMail-Breached-by-State-Sponsored-Threat/m-p/66487#M1044 <P>Dear All,</P><P>&nbsp;</P><P>In a January 19 blog post, Microsoft disclosed that some of their corporate email accounts were compromised by a state-sponsored threat actor. Starting late last year, “the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts.” Microsoft became aware of the attack on January 12.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/russian-hackers-stole-microsoft-corporate-emails-in-month-long-breach/?is=12aceb95f78a59af1317cc4ec15f6e06e7c0e0bd3d6a9255b9e44810d70dbba5" target="_blank">Russian hackers stole Microsoft corporate emails in month-long breach (bleepingcomputer.com)</A></P><P>&nbsp;</P><P>&nbsp;</P> Wed, 24 Jan 2024 02:12:33 GMT Kyaw_Myo_Oo 2024-01-24T02:12:33Z Microsoft Officials’ eMail Breached by State-Sponsored Threat Actors https://community.isc2.org/t5/Threats/Microsoft-Officials-eMail-Breached-by-State-Sponsored-Threat/m-p/66487#M1044 <P>Dear All,</P><P>&nbsp;</P><P>In a January 19 blog post, Microsoft disclosed that some of their corporate email accounts were compromised by a state-sponsored threat actor. Starting late last year, “the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts.” Microsoft became aware of the attack on January 12.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/russian-hackers-stole-microsoft-corporate-emails-in-month-long-breach/?is=12aceb95f78a59af1317cc4ec15f6e06e7c0e0bd3d6a9255b9e44810d70dbba5" target="_blank">Russian hackers stole Microsoft corporate emails in month-long breach (bleepingcomputer.com)</A></P><P>&nbsp;</P><P>&nbsp;</P> Wed, 24 Jan 2024 02:12:33 GMT https://community.isc2.org/t5/Threats/Microsoft-Officials-eMail-Breached-by-State-Sponsored-Threat/m-p/66487#M1044 Kyaw_Myo_Oo 2024-01-24T02:12:33Z