Microsoft Is Coy About Whether Zero Day Flaw Led to Chinese Espionage Campaign
London mayor's office exposed data, CERT-UA warns of Gamaredon speed, US military emails misdirected to Mali, Walden denied top cyber job for bogus reason, Genesis Market sold to new owner, much more
Microsoft issued an update regarding the targeted Chinese espionage campaign that affected 24 organizations, including several US government agencies, saying that the compromise resulted from three exploited vulnerabilities in either its Exchange Online email service or Azure Active Directory, an identity service that manages single sign-on and multifactor authentication for large organizations.
Microsoft’s Threat Intelligence team said Storm-0558, a China-based hacking group that conducts espionage on behalf of that country’s government, began exploiting the vulnerabilities on May 15. Microsoft drove out the attackers on June 16 after a customer tipped off company researchers to the intrusion.
This means that Storm-0558 exploited zero days in the Microsoft cloud services. But in this update and previous explanations of t…