Russia-Sponsored Cyberattackers Infiltrate Microsoft's Code Base

Published: 23/11/2024   Category: security



The Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in January.



The Russian state-sponsored advanced persistent threat (APT) group known as Midnight Blizzard has nabbed Microsoft source code after accessing internal repositories and systems, as part of an ongoing series of attacks by a very sophisticated adversary.
The Redmond giant noted today that the previously announced cyber campaign by Midnight Blizzard, which commenced in January, has evolved. Assailants are continually probing its environment in an attempt to use secrets of different types that it originally exfiltrated from internal emails. It's a sustained, significant commitment on the part of the group, according to Microsoft.

"Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access [deeper into our environment]," according to Microsoft's blog post on the attack. This has included access to some of the company's source code repositories and internal systems.
The group (aka APT29, Cozy Bear, Nobelium, and UNC2452) may also be laying the groundwork for future efforts, according to the post, using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so.
Further, Microsoft said that the attackers are turning up the volume on password-spraying attempts, observing a tenfold increase in February against its accounts.
Ariel Parnes, chief operating officer and co-founder at Mitiga, noted in an emailed statement that the source-code heist could lead to a flurry of zero-day vulnerability exploitation.
"For advanced nation-state cyber groups, access to a company's source code is akin to finding the master key to its digital kingdom, opening up avenues for finding new zero-day vulnerabilities: undiscovered security flaws that can be exploited before they're known to the software creators or the public," he warned, adding that the Microsoft breach is clearly much more severe than initially understood, underscoring the critical nature of source code security in the digital age.
The good news is that there's so far no evidence that Midnight Blizzard has compromised Microsoft-hosted customer-facing systems; however, in some instances, secrets were shared between customers and Microsoft in email.
"As we discover them in our exfiltrated email," according to the post, "we have been and are reaching out to these customers to assist them in taking mitigating measures."
