Emails from Microsoft 'senior leaders' compromised by Russian hacker group
A recent report from cybersecurity company FireEye has revealed that a Russian hacking group known as APT29 or Cozy Bear has compromised the email accounts of several senior executives at Microsoft. The hackers used a sophisticated phishing campaign to trick victims into clicking on malicious links that installed a backdoor on their devices, allowing attackers to access their emails and other sensitive data.
According to FireEye, the hacking group is likely linked to the Russian government and has been targeting organizations involved in COVID-19 vaccine research, as well as government agencies, think tanks, and media outlets. The group is also believed to be behind the SolarWinds breach that affected thousands of organizations in 2020.
Microsoft confirmed the incident and said it is working closely with FireEye and other partners to investigate and respond to the attack. The company also said it has taken steps to secure its network and protect its customers from any potential harm.
The breach is another reminder of the growing cyber threats facing organizations and individuals in the digital age. It also highlights the need for strong cybersecurity practices and awareness among employees, especially those who handle sensitive or confidential information. As FireEye CEO Kevin Mandia said, “This incident demonstrates why the security industry must work together to defend and respond to these pernicious threats.”
Microsoft reveals cyber attack by Russian hacker group
Microsoft has announced that it was the target of a sophisticated cyberattack by a Russian hacking group known as Midnight Blizzard or Nobelium. This is the same group that was behind the SolarWinds breach in 2019.
The attack took place on January 12, when hackers used a password spraying technique to gain access to a legacy, non-production test tenant account. From there, they were able to view a small number of Microsoft corporate email accounts, including those of some members of the senior leadership team and of staff in legal, cybersecurity, and other functions.
Microsoft says the hackers were specifically interested in information related to Midnight Blizzard and that they did not exploit any vulnerabilities in Microsoft systems or products. The company also says there was no impact on its customers or services.
Microsoft is conducting a thorough investigation of the incident and is working with relevant authorities and regulators. The company says it will take additional action based on the findings and will continue to monitor and protect its networks from malicious actors.
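The entry point described above was password spraying against a test tenant account. As an added example (not code from Microsoft or from this article), the following flags that pattern in sign-in records: one source failing against many accounts with only a few guesses each, followed by a successful sign-in from the same source. The log format, thresholds, account names and sample events are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events (not data from the incident): time, source, account, result.
SAMPLE_LOG = """\
2000-01-01T03:00:05 203.0.113.7 alice FAIL
2000-01-01T03:04:11 203.0.113.7 bob FAIL
2000-01-01T03:09:40 203.0.113.7 carol FAIL
2000-01-01T03:15:02 203.0.113.7 dave FAIL
2000-01-01T03:21:37 203.0.113.7 erin FAIL
2000-01-01T03:26:50 203.0.113.7 test-legacy OK
2000-01-01T09:01:10 198.51.100.20 bob FAIL
2000-01-01T09:01:25 198.51.100.20 bob FAIL
2000-01-01T09:01:48 198.51.100.20 bob OK
"""

def parse(log):
    """Turn 'timestamp source account result' lines into sorted tuples."""
    events = []
    for line in log.strip().splitlines():
        ts, source, account, result = line.split()
        events.append((datetime.fromisoformat(ts), source, account, result))
    return sorted(events)

def detect_spray(events, window=timedelta(hours=1), min_accounts=5, max_tries=2):
    """Flag sources whose failures hit many accounts with few tries each
    inside one window, and report accounts that then signed in from them."""
    by_source = defaultdict(list)
    for event in events:
        by_source[event[1]].append(event)
    findings = []
    for source, evs in by_source.items():
        fails = [e for e in evs if e[3] == "FAIL"]
        best, first_seen, start = Counter(), None, 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1
            tries = Counter(e[2] for e in fails[start:end + 1])
            # Many accounts, few guesses per account: the opposite of brute force.
            if len(tries) >= min_accounts and max(tries.values()) <= max_tries \
                    and len(tries) > len(best):
                best, first_seen = tries, fails[start][0]
        if best:
            hits = sorted({e[2] for e in evs if e[3] == "OK" and e[0] > first_seen})
            findings.append({"source": source, "targeted": sorted(best),
                             "succeeded": hits})
    return findings
```

A user who mistypes their own password several times is not flagged, because only one account is involved. A spray spread across many source addresses would need the same counting keyed on something other than the source.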