Chirp!
  • Login
Chirp! is a GNU Social instance for the Cooley and Sekula families and their friends.

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 12-Jul-2023 22:42:34 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
    #Security

    #Microsoft_365 breached by #China

    See thread starting at https://cyberplace.social/@GossiTheDog/110700908976946435 ... https://cyberplace.social/@GossiTheDog/110702046297147809

    > For anybody interested - the “acquired Microsoft account (MSA) consumer signing key” used in this must have come from inside Microsoft’s internal network. -- https://cyberplace.social/@GossiTheDog/110702228469010595

    Includes the following links:

    * https://nu.federati.net/url/290987 [msrc microsoft com]

    * https://nu.federati.net/url/290988 [edition cnn com]

    * https://nu.federati.net/url/290989 [www cisa gov | pdf]

    * https://www.wsj.com/articles/chinese-hackers-spied-on-state-department-13a09f03 [www wsj com]

    #US_Govt #Microsoft #MSFT #Azure #Office_365 #penetration #Outlook #Exchange #cloud
    In conversation Wednesday, 12-Jul-2023 22:42:34 UTC from nu.federati.net permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Kevin Beaumont (@GossiTheDog@cyberplace.social)
      from Kevin Beaumont
      Microsoft quietly snuck out a blog yesterday to say that Office 365 got compromised by China and used to steal emails. Thread follows. https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/
    2. No result found on File_thumbnail lookup.
      Kevin Beaumont (@GossiTheDog@cyberplace.social)
      from Kevin Beaumont
      WSJ reporting the Microsoft 365 hack was used to spy on the State Department. https://www.wsj.com/articles/chinese-hackers-spied-on-state-department-13a09f03
    3. No result found on File_thumbnail lookup.
      Kevin Beaumont (@GossiTheDog@cyberplace.social)
      from Kevin Beaumont
      For anybody interested - the “acquired Microsoft account (MSA) consumer signing key” used in this must have come from inside Microsoft’s internal network.
    4. Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email | MSRC Blog | Microsoft Security Response Center
      from MSRC
      Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email
    5. China-based hackers breached US government email accounts, Microsoft and White House say | CNN Politics
      from Sean Lyngaas
      China-based hackers have breached email accounts at two-dozen organizations, including some United States government agencies, in an apparent spying campaign aimed at acquiring sensitive information, according to statements from Microsoft and the White House late Tuesday.

    7. Chinese Hackers Spied on State Department
      from Dustin Volz and William Mauldin
      The State Department was among the federal agencies compromised in a newly discovered Chinese hacking campaign, according to people familiar with the matter.

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • Privacy
    • Source
    • Version
    • Contact

    Chirp! is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All Chirp! content and data are available under the Creative Commons Attribution 3.0 license.