Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers

Illustration of the Microsoft wordmark on a green background
Illustration: The Verge

Microsoft is revealing today that it has discovered a nation-state attack on its corporate systems from the same Russian state-sponsored group of hackers that were responsible for the sophisticated SolarWinds attack. Microsoft says the hackers, known as Nobelium, were able to access email accounts of some members of its senior leadership team late last year.

“Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions,…

Continue reading…

Posted by Experimentor