Tasken
Advanced
- Joined
- 22.09.20
- Messages
- 127
- Reaction score
- 960
- Points
- 63
In the company itself, Microsoft said that it did not identify any vulnerabilities and traces of hacking of the provided products or cloud service.
Allegedly, Russian hackers broke into the computer systems of a corporate partner of Microsoft and stole emails from users of Microsoft cloud services, as well as correspondence of one of the private companies. This was reported by the newspaper The Washington Post.
In the company itself, Microsoft said that it did not identify any vulnerabilities and traces of hacking of the provided products or cloud service.
"Our investigation into recent attacks has identified incidents involving the misuse of access credentials. So far, we have not identified any vulnerabilities or compromises in Microsoft products or cloud services," said Jeff Jones, senior Director of communications at the company.
Earlier, Microsoft found malware in its networks, adding to the list of companies affected by the hacking of the Texas software manufacturer SolarWinds. Microsoft notified "more than 40 customers" of the hack, some of which data was compromised by a third party. In particular, the attackers hacked the reseller, stealing credentials that can be used to gain broad access to Azure accounts. Once inside the account of a particular client, the attackers were able to read and steal emails, as well as other information.
Microsoft is a user of the Orion IT resource management platform produced by SolarWinds, in which hackers introduced malware in updates. The company also has products that could be used by attackers for further attacks on its customers. So, on Thursday, December 17, the us national security Agency even published a security notice describing how certain Microsoft Azure cloud services could be compromised by cybercriminals and redirect users to further block their systems.
According to Microsoft representatives, the company notified customers from the private sector about this problem and also informed the US government, but sources of the publication said that the government was not notified.
In addition, experts of the American information security company Crowdstrike said that hackers who attacked government and private organizations in the United States unsuccessfully tried to gain access to its mail. As experts noted, on December 15, Microsoft representatives notified the company about the alleged attempts to gain access to its systems using one of the accounts on the Microsoft cloud platform that took place "several months ago".
Allegedly, Russian hackers broke into the computer systems of a corporate partner of Microsoft and stole emails from users of Microsoft cloud services, as well as correspondence of one of the private companies. This was reported by the newspaper The Washington Post.
In the company itself, Microsoft said that it did not identify any vulnerabilities and traces of hacking of the provided products or cloud service.
"Our investigation into recent attacks has identified incidents involving the misuse of access credentials. So far, we have not identified any vulnerabilities or compromises in Microsoft products or cloud services," said Jeff Jones, senior Director of communications at the company.
Earlier, Microsoft found malware in its networks, adding to the list of companies affected by the hacking of the Texas software manufacturer SolarWinds. Microsoft notified "more than 40 customers" of the hack, some of which data was compromised by a third party. In particular, the attackers hacked the reseller, stealing credentials that can be used to gain broad access to Azure accounts. Once inside the account of a particular client, the attackers were able to read and steal emails, as well as other information.
Microsoft is a user of the Orion IT resource management platform produced by SolarWinds, in which hackers introduced malware in updates. The company also has products that could be used by attackers for further attacks on its customers. So, on Thursday, December 17, the us national security Agency even published a security notice describing how certain Microsoft Azure cloud services could be compromised by cybercriminals and redirect users to further block their systems.
According to Microsoft representatives, the company notified customers from the private sector about this problem and also informed the US government, but sources of the publication said that the government was not notified.
In addition, experts of the American information security company Crowdstrike said that hackers who attacked government and private organizations in the United States unsuccessfully tried to gain access to its mail. As experts noted, on December 15, Microsoft representatives notified the company about the alleged attempts to gain access to its systems using one of the accounts on the Microsoft cloud platform that took place "several months ago".