Microsoft’s security team has detected an attack on its corporate systems by the Russian state-sponsored actor known as Nobelium, also referred to as Midnight Blizzard. The attack, discovered on January 12, 2024, prompted an immediate activation of Microsoft’s response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access.
The investigation revealed that the threat actor used a password spray attack in late November 2023 to compromise a legacy non-production test tenant account. They then accessed some Microsoft corporate email accounts, exfiltrating emails and attached documents, focusing on gathering information related to Midnight Blizzard.
Notably, the attack did not exploit any vulnerability in Microsoft products or services, and there is currently no evidence to suggest that the threat actor gained access to customer environments, production systems, source code, or AI systems. Microsoft has committed to responsible transparency and will continue its investigation, collaborating with law enforcement and regulators.
For more information, visit Microsoft’s Security Response Center at https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/.
The 128 series brings you byte-sized news for busy professionals. The full story can be found here:http://cmd.news/article/industry-news/microsoft-detects-nation-state-attack-by-russian-state-sponsored-actor/
