In June, the US State Department told Microsoft that its emails in Azure were hacked; attackers stole a Microsoft key and hacked ~25 organizations' emails
The State Department discovered the Microsoft vulnerability, which affected unclassified government systems, last month
Washington Post
Related Coverage
- US government stresses audit logging importance in wake of Chinese APT intrusions CSO · Cynthia Brumfield
- Commerce Secretary Gina Raimondo's emails hacked in Microsoft cyber breach: Source ABC News · Luke Barr
- U.S. Government Agencies' Emails Compromised in China-Backed Cyber Attack The Hacker News
- Microsoft says China-based hackers infiltrated government email accounts Axios · Sam Sabin
- The US State Department told Microsoft that emails in its cloud were hacked last month TechRadar · Sead Fadilpašić
- Microsoft says Chinese hackers breached email accounts of U.S. Government agencies OnMSFT.com · Pranav Bhardwaj
- Microsoft reveals Chinese hackers breached US government emails SiliconANGLE · Kyt Dotson
- Chinese hackers targeted Raimondo, State emails through Microsoft breach Politico
- Hackers infiltrated US government emails via Microsoft vulnerability Dexerto · Sayem Ahmed
- Microsoft Warns That a Chinese Cyberattack Breached Government Email Accounts Gizmodo · Nikki Main
- There is a strong possibility that Microsoft itself was badly hacked. @JosephMenn@infosec.exchange · JosephMenn
- Really good Washington Post piece on the breach of Microsoft 365's email service. — hackers accessed customer emails for a month — Microsoft didn't notice — USG had to tell them — The access to generate tokens very likely came from MS being hacked and not realising … @GossiTheDog@cyberplace.social · Kevin Beaumont
- Okay - I found a victim org. — The situation for them is 😬 — MS are going to have to release more info, methinks.. or I crank out the blog writing. @GossiTheDog@cyberplace.social · Kevin Beaumont
- Enhanced Monitoring to Detect APT Activity Targeting Outlook Online Cybersecurity and Infrastructure Security Agency CISA
- Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email Microsoft Security Response Center
- Chinese hackers raided US government email accounts by exploiting Microsoft cloud bug TechCrunch · Carly Page
- China-based hackers breached US government email accounts, Microsoft and White House say CNN · Sean Lyngaas
- China-based hackers breach email accounts at State Department NBC News
- Mitigation for China-Based Threat Actor Activity Microsoft On the Issues · Charlie Bell
- Chinese intelligence hacked U.S. government emails in ‘significant’ breach CNBC · Rohan Goswami
- Chinese Hackers Targeted Commerce Secretary and Other U.S. Officials New York Times
- Chinese Hackers Breached Email of Commerce Secretary Gina Raimondo and State Department Officials Wall Street Journal
- Microsoft: China accused of hacking US government emails BBC · Annabelle Liang
- Microsoft says China-based hackers breached government email accounts Fox Business
- Chinese hackers breached State Dept., other government email on eve of Blinken visit, officials say Associated Press
- How a Cloud Flaw Gave Chinese Spies a Key to Microsoft's Kingdom Wired · Andy Greenberg
- Chinese Threat Group Compromises US Government Infosecurity · Phil Muncaster
- Microsoft's storm-proof defense wins gHacks Technology News · Emre Çitak
- No reason to doubt Microsoft's attribution of hack to China hackers: US State Department Reuters
- Microsoft warns China-linked APT actor hacked US agency, other email accounts Cybersecurity Dive
- Chinese hackers targeted State, Commerce officials in Microsoft breach: reports The Hill
- China-linked hackers targeted State, Commerce department email accounts New York Post · Ryan King
- Hackers accessed US gov Exchange Online email accounts iTnews
- Chinese hackers breached US govt email accounts: Microsoft Tech Xplore · Chris Lefkow
- US officials: Chinese hackers breached unclassified govt email by foiling Microsoft security WHDH-TV
- China-based hackers accessed US federal executive branch emails CIO.com
- Chinese Hackers Exploit Microsoft Bug to Raid US Government Emails Tech.co · Ellis Di Cataldo
- Microsoft Mitigates Hacker Access To Government Email Accounts Search Engine Journal · Kristi Hines
- Commerce Chief Raimondo's Email Hacked in Breach Tied to China Bloomberg
- Although MS haven't called this a vulnerability, haven't issued a CVE or used the term zero day.. they don't issue CVEs for cloud services, forging a token is a vulnerability, so it's a zero day. @GossiTheDog@cyberplace.social · Kevin Beaumont
- For anybody interested - the “acquired Microsoft account (MSA) consumer signing key” used in this must have come from inside Microsoft's internal network. @GossiTheDog@cyberplace.social · Kevin Beaumont
- WSJ reporting the Microsoft 365 hack was used to spy on the State Department. https://www.wsj.com/... @GossiTheDog@cyberplace.social · Kevin Beaumont
- CISA's advisory on the Microsoft 365 compromise is wayyyyyyyyyyy better than the Microsoft advisory - contains actionable hunting and logging information. Kinda nuts that the US Government are providing better information about Microsoft than Microsoft. — https://www.cisa.gov/... @GossiTheDog@cyberplace.social · Kevin Beaumont
- Friday night news dump came on Tuesday this week. Free gift link: Chinese hackers breach gov email accounts via Microsoft cloud. https://wapo.st/3PPopsz @JosephMenn@infosec.exchange · JosephMenn
Discussion
-
@ellenwapo.bsky.social
Ellen Nakashima
on bluesky
NEW: Chinese hackers compromised Commerce Secretary Raimondo's email as well as accounts of State Dept officials. Her agency has imposed stiff export controls on Chinese technologies that Beijing has denounced. https://www.washingtonpost.com/ ...
-
@LukaszOlejnik@mastodon.social
Lukasz Olejnik
on mastodon
Chinese cyber operators, exploiting a security gap in Microsoft's cloud, hacked email accounts at the Commerce and State departments, including that of Commerce Secretary, of the agency that imposed export controls on Chinese technologies. — High-level policymakers ARE being ha…
-
@nakashimae
Ellen Nakashima
on x
NEW: Chinese hackers breach government email accounts through Microsoft cloud. USG discovered the security gap last month, officials say https://www.washingtonpost.com/ ...
-
@nickkristof
Nicholas Kristof
on x
China hacked into emails of Commerce Sec @GinaRaimondo, without getting classified material. There'll be outrage about this, but the reality is that this is what governments do. We would hack into emails of the Chinese commerce secretary if we could. https://www.washingtonpost.co…
-
@nakashimae
Ellen Nakashima
on x
UPDATE: Chinese hackers breach Commerce Secretary Raimondo's email along with accounts of State Department officials. Her agency has imposed stiff export controls on Chinese technologies that Beijing has denounced. https://www.washingtonpost.com/ ...
-
@adegrandpre
Andrew deGrandpré
on x
DHS: 9 organizations were victimized in the US. Small number of email accounts compromised at each Pentagon, intel community & military email do not appear to be affected, a person familiar said FBI: No classified info appears to have been taken https://www.washingtonpost.com/ ..…
-
@kevincollier@mastodon.social
Kevin Collier
on mastodon
One thought on the Chinese cyberespionage campaign targeting the Outlook email accounts of State Dept and others. Everyone assumes this is Chinese intelligence, but only Mark Warner is saying so afaik. MSFT just says China; FBI and CISA says it's indicative of APT activity.
-
@lrozen
Laura Rozen
on x
🧵State Dept spox: “The Dept of State detected anomalous activity, took immediate steps to secure our systems, & will continue to closely monitor & quickly respond to any further activity. As a matter of cybersecurity policy, we do not discuss details of our response & https://twi…
-
@0xdabbad00
Scott Piper
on x
Regarding this Storm-0558 news, I'm more interested in how the actor acquired the MSA key and the mitigations for that. https://msrc.microsoft.com/...
-
@ericgeller
Eric Geller
on x
Potentially big: Microsoft says Chinese hackers accessed the email accounts of people at 25 organizations, including government agencies, by forging authentication tokens with a stolen signing key. https://msrc.microsoft.com/... https://blogs.microsoft.com/ ... [image]
-
@arekfurt
@arekfurt
on x
Just a little bit more detail on the MS cloud breach in this official blog post. But a key sentence: “They did this by using forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key.” 😲 https://blogs.microsoft.com/ ...
-
@arekfurt
@arekfurt
on x
Redmond's PR people and lobbyists must be absolutely losing their minds right now. Just read this, for example: https://www.washingtonpost.com/ ...
-
@wavesblog
@wavesblog
on x
“Inside the government, the attack showed a significant cybersecurity gap in Microsoft's defenses and raised serious questions about the security of cloud computing, the person briefed on the intrusion said.” https://twitter.com/...
-
@adam_k_levin
Adam Levin
on x
“We need to have some serious conversations about how much hacking we'll tolerate before taking action.” https://www.nytimes.com/...
-
r/neoliberal
r
on reddit
Chinese intelligence hacked U.S. government emails in ‘significant’ breach
-
r/technews
r
on reddit
Chinese hackers raided US government email accounts by exploiting Microsoft cloud bug
-
r/technology
r
on reddit
Chinese hackers raided US government email accounts by exploiting Microsoft cloud bug
-
r/cybersecurity
r
on reddit
Chinese Hackers Breached Government Email Accounts, Microsoft Says
-
r/China
r
on reddit
Chinese hackers breach U.S. government email through Microsoft cloud