Free Video Downloader

Fast and free all in one video downloader

For Example: https://www.youtube.com/watch?v=OLCJYT5y8Bo

1

Copy shareable video URL

2

Paste it into the field

3

Click to download button

Chinese hackers raided US government email accounts by exploiting Microsoft cloud bug
July 14, 2023

Chinese hackers raided US government email accounts by exploiting Microsoft cloud bug

MediaDownloaderSecurity
Reading Time: 2 minutes

Chinese hackers exploited a flaw in Microsoft’s cloud email service to gain access to the email accounts of U.S. government employees, the technology giant has confirmed.

The hacking group, tracked as Storm-0558, compromised approximately 25 email accounts, including government agencies, as well as related consumer accounts linked to individuals associated with these organizations, according to Microsoft. ‘Storm’ is a nickname used by Microsoft to track hacking groups that are new, emerging or ‘in development.’

Microsoft’s investigation determined that Storm-0558, a China-based hacking group that the firm describes as a ‘well-resourced’ adversary, gained access to email accounts using Outlook Web Access in Exchange Online (OWA) and Outlook.com by forging authentication tokens to access user accounts. In its technical analysis of the attack, Microsoft explained that the hackers used an acquired Microsoft consumer signing key to forge tokens to access OWA and Outlook.com. Then, the hackers exploited a token validation issue to impersonate Azure AD users and gain access to enterprise email accounts.

Storm-0885’s malicious activity had gone undetected for about a month until customers alerted Microsoft to anomalous mail activity, Microsoft said.

‘We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection. This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems’, said Charlie Bell, Microsoft’s top cybersecurity executive.

Microsoft said the attack was successfully mitigated and that Storm-0558 no longer has access to the compromise accounts. However, the company has not said whether any sensitive data was exfiltrated over the month-long period that the attackers had access.

Reference: https://techcrunch.com/2023/07/12/chinese-hackers-us-government-microsoft-email/

Ref: techcrunch

MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG

chinaCybersecuritymicrosoftus government

Leave a Reply

Your email address will not be published. Required fields are marked *