The Department of Homeland Security says email accounts of U.S. officials were exposed due to Microsoft's security failures.
The Department of Homeland Security issued a damning review of Microsoft’s cybersecurity practices on Tuesday, blaming the cloud provider for exposing the emails of high-ranking government officials. The review found Chinese-state affiliated hackers capitalized on “a cascade of security failures at Microsoft,” and says the company’s security culture “requires an overhaul.
Microsoft did not immediately respond to Gizmodo’s request for comment. A hacker group affiliated with the People’s Republic of China, Storm-0558, was responsible for the attack. As early as May 2023, hackers compromised the mailboxes of government officials by stealing signing keys and utilizing a flaw in Microsoft’s token validation system. This allowed Storm-0558 full access to essentially any Exchange Online account, Microsoft’s hosted messaging platform.
South Africa Latest News, South Africa Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hackThe Associated Press
Read more »
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hackA Biden administration-appointed review board has issued a scathing indictment of Microsoft corporate security and transparency. The panel says in Tuesday's report that “a cascade of errors” by the tech giant let state-backed Chinese cyber operators break into email accounts last year of senior U.S.
Read more »
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hackA Biden administration-appointed review board has issued a scathing indictment of Microsoft corporate security and transparency.
Read more »
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hackA Biden administration-appointed review board has issued a scathing indictment of Microsoft corporate security and transparency.
Read more »
Colorado public defender ransomware attack may have exposed Social Security numbers, personal dataFiles “were copied without permission” during the cyberattack, and those files may have included names, Social Security numbers, driver’s license numbers, medical information and …
Read more »
That security camera and smart doorbell you’re using may have some major security flawsWhen 24-year-old Heather Hines from Southern California was changing into her work clothes last month, she noticed the seven security cameras she owned from Wyze went offline for a short period of time, including the one in her bedroom.
Read more »