Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.

Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.

  • PsiczarEnglish
    6·
    3 months ago

    How the fuck does MS get hacked to the point where source code is leaked? It wouldn’t be sitting on a server called win-src-01 in their DMZ. I assume it is on servers within networks that a firewalled off from the regular network that only developers can get to and Peggy-Sue in Accounts can’t.