Chinese Espionage Campaign Could Extend to Other Microsoft Cloud Offerings
FISA court says FBI wrongfully searched database, Critical comms tech TETRA suffers serious flaws, Bitfinex hack launderers set to plead guilty, $31m was drained from Alphapo, much more
Researchers from cloud security company Wiz say that the Chinese hackers behind the recent espionage campaign used a stolen or forged Microsoft signing key could have extended their access to enable them to sign into other widely used Microsoft cloud offerings, including a wide range of Azure applications such as SharePoint, Teams, and OneDrive.
Microsoft has revoked the key, so it cannot be used in new attacks. But Wiz said the attackers might have left back doors in applications that would let them return, and it said some software would still recognize a session begun by an expired key.
Many of Wiz’s claims are speculative and not evidence-based,” said Microsoft spokesperson Jeff Jones. (Joseph Menn / Washington Post)
Related: Wiz Blog, BleepingComputer, The Register, The Hacker News, SiliconANGLE, SecurityWeek, SC M…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.