Microsoft filing with the SEC to say Russia SVR hacked the email accounts of its own cyber staff in November, they discovered this week: https://www.sec.gov/Archives/edgar/data/789019/000119312524011295/d708866dex991.htm
I need to set up a calendar entry for Friday night, called Microsoft Hacked Announcements.
I agree with @alex here, Microsoft needs to do a much more public disclosure.
Microsoft staff use Microsoft 365 email with Exchange Online. Eg I was gossi@microsoft.com.
I think MS needs to explain to M365 customers how mailboxes were accessed via password spraying.
HP have now filed an 8K with the SEC, listing the same threat actor as Microsoft, saying they also got access to their email.
Not stated - their email is also on Microsoft 365, same as MSFT.
This time in May 2023.
https://www.sec.gov/Archives/edgar/data/1645590/000164559024000009/hpe-20240119.htm
Microsoft have detailed technical write up about it's security incident and how to defend against it.
It's really good, kudos to MS for publishing.
Microsoft made a catalogue of errors in how they configured and secured their Microsoft 365 tenants. It is not a Microsoft product defect issue; the directly sell the governance products and services to stop this kind of thing.
