Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company’s cybersecurity and legal departments.
The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.
The computing giant, however, did not disclose how many email accounts were infiltrated, and what information was accessed, but said it was the process of notifying employees who were impacted as a result of the incident.
The hacking outfit, which was previously responsible for the high-profile SolarWinds supply chain compromise, has singled out Microsoft twice, once in December 2020 to siphon source code related to Azure, Intune, and Exchange components, and a second time breaching three of its customers in June 2021 via password spraying and brute-force attacks.
“This attack does highlight the continued risk posed to all organizations from well-resourced nation-state threat actors like Midnight Blizzard,” the Microsoft Security Response Center (MSRC) said.
Source: https://thehackernews.com/