Microsoft itself stated that it did not identify any vulnerabilities and traces of hacking of the products or cloud services provided.
Presumably Russian hackers hacked into the computer systems of a Microsoft corporate partner and stole emails from users of Microsoft cloud services, as well as the correspondence of one of the private companies. This was reported by The Washington Post.
Microsoft itself stated that it did not identify any vulnerabilities and traces of hacking of the products or cloud services provided.
“Our investigation into recent attacks has identified incidents of abuse of credentials to gain access. We have not yet identified any vulnerabilities or compromises on Microsoft products or cloud services, ”explained Jeff Jones, senior director of communications.
We will remind, earlier Microsoft discovered malware on its networks, thus adding to the list of companies affected by the hacking of the Texas software manufacturer SolarWinds. Microsoft has notified "more than 40 customers" of the breach, some of which has been compromised by a third party. Specifically, attackers compromised the reseller by stealing credentials that could be used to gain broad access to Azure accounts. Once inside a particular customer's account, the attackers were able to read and steal emails and other information.
Microsoft is users of SolarWinds' Orion IT resource management platform, which has been updated with malware by hackers. The company also has products that could be exploited by cybercriminals to further attack its customers. So, on Thursday, December 17, the US National Security Agency even published a security notice describing how certain Microsoft Azure cloud services could be compromised by cybercriminals and redirect users to further block their systems.
Microsoft has said that the company has notified private sector customers of the issue and has also informed the US government, but newspaper sources said the government had not been notified.
In addition, the specialists of the American information security company Crowdstrike stated that hackers who attacked government and private organizations in the United States tried unsuccessfully to gain access to her mail. As noted by experts, on December 15, Microsoft representatives notified the company about the alleged “several months ago” attempts to access its systems using one of the accounts on the Microsoft cloud platform.
__________________
Presumably Russian hackers hacked into the computer systems of a Microsoft corporate partner and stole emails from users of Microsoft cloud services, as well as the correspondence of one of the private companies. This was reported by The Washington Post.
Microsoft itself stated that it did not identify any vulnerabilities and traces of hacking of the products or cloud services provided.
“Our investigation into recent attacks has identified incidents of abuse of credentials to gain access. We have not yet identified any vulnerabilities or compromises on Microsoft products or cloud services, ”explained Jeff Jones, senior director of communications.
We will remind, earlier Microsoft discovered malware on its networks, thus adding to the list of companies affected by the hacking of the Texas software manufacturer SolarWinds. Microsoft has notified "more than 40 customers" of the breach, some of which has been compromised by a third party. Specifically, attackers compromised the reseller by stealing credentials that could be used to gain broad access to Azure accounts. Once inside a particular customer's account, the attackers were able to read and steal emails and other information.
Microsoft is users of SolarWinds' Orion IT resource management platform, which has been updated with malware by hackers. The company also has products that could be exploited by cybercriminals to further attack its customers. So, on Thursday, December 17, the US National Security Agency even published a security notice describing how certain Microsoft Azure cloud services could be compromised by cybercriminals and redirect users to further block their systems.
Microsoft has said that the company has notified private sector customers of the issue and has also informed the US government, but newspaper sources said the government had not been notified.
In addition, the specialists of the American information security company Crowdstrike stated that hackers who attacked government and private organizations in the United States tried unsuccessfully to gain access to her mail. As noted by experts, on December 15, Microsoft representatives notified the company about the alleged “several months ago” attempts to access its systems using one of the accounts on the Microsoft cloud platform.
__________________