Storm-0558, so says Microsoft. Chinese hackers infiltrated a Microsoft engineer’s business account and grabbed a signing key that was used to get into government email accounts from a Windows crash dump.
Around twenty companies’ Exchange Online and Azure Active Directory (AD) accounts were compromised by the attackers using the stolen MSA key, including American government departments like the State and Commerce Departments.
They were able to fabricate signed access tokens and pose as accounts inside the targeted orgs by taking use of a now-patched zero-day validation flaw in the GetAccessTokenForResourceAPI read more Hackers stole Microsoft signing key from Windows crash dump.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.