Chinese hackers breach US government emails using a Microsoft cloud bug
According to Microsoft, hackers from China have accessed the email accounts of about 25 organizations, including government organizations.
The attacks have been linked to a threat group known as Storm-0558, which is thought to be a cyber-espionage gang that specializes in hacking email networks to obtain sensitive information. The software behemoth has not specified the locations of the government organizations.
On June 16, 2023, Microsoft began looking into these attacks as a result of consumer complaints about odd Office 365 mail behavior. The business found that beginning on May 15, 2023, Storm-0558 threat actors gained access to customer accounts that were probably related to approximately 25 entities, including the U.S. State and Commerce Departments.
Microsoft did not, however, specify which businesses, institutions of government, or nations were impacted by these email security incidents. The U.S. government was referred to as "the world's biggest hacking empire and a global cyber thief" by the Chinese embassy in London, which also labeled the claim as "disinformation." Regardless of the facts or context, China constantly denies involvement in hacking operations.
A breach in Microsoft's cloud security "affected unclassified systems," according to Adam Hodge, a spokesman for the White House National Security Council, without providing any further details.
"Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service," Hodge continued.
Hackers stole 25 emails
About 25 email accounts, including those of governmental agencies and linked consumer accounts belonging to people affiliated to these institutions, were hijacked by the cyber group Storm-0558, according to Microsoft. Microsoft uses the term "Storm" to identify and monitor hacker networks that are brand-new, growing, or "in development." Microsoft has not revealed the names of the government agencies targeted by Storm-0558.
According to Microsoft's study, the hacking group Storm-0558, which the company describes as a "well-resourced" adversary, used Outlook Web Access in Exchange Online (OWA) and Outlook.com to access user accounts by forging authentication tokens. According to Microsoft's technical examination of the assault, the hackers forged tokens to access OWA and Outlook.com using a Microsoft consumer signing key they had obtained. After that, the hackers used a token validation flaw to pretend to be Azure AD users and access corporate email accounts.
Storm-0885's harmful behavior went undiscovered for approximately a month before users warned the company about unusual mail activity, says Microsoft.
Advertisement
Are these articles AI generated?
Now the duplicates are more obvious.
This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.
Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
1.) Excel Keyboard Shortcuts by Trevor Monteiro.
2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro
Why oh why?
Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?
Probably they will announce that the taskbar will be placed at top, right or left, at your will.
Special event by they is a special crap for us.
If it’s Microsoft, don’t buy it.
Better brands at better prices elsewhere.
All new articles have zero count comments. :S
WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage
I have O365 until end of this year, mostly for onedrive and probably will jump into google one
Photo storage must be kept free because customers chose gadgets just for photos and photos only.
What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?
Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.
I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.
And now that they discovered what poor management results in do they go back and do the album feature properly?
Nope, just charge the customer twice.
Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.
When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?
Instead of a software company, Microsoft is now a fraud company.
For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
unquote
so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.
>”Now You: what is your theory?”
That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.
Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.
Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.
The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.