For the first time in the history of Microsoft, a cyberattack has left hundreds of executive accounts compromised and caused a major user data leak as Microsoft Azure was attacked.

According to Proofpoint, the hackers use the malicious techniques that were discovered in November 2023. It includes credential theft through phishing methods and cloud account takeover (CTO) which helped the hackers gain access to both Microsoft365 applications as well as OfficeHome.

  • Kid@sh.itjust.worksOPM
    link
    fedilink
    arrow-up
    25
    arrow-down
    2
    ·
    2 years ago

    A better summary:

    The text discusses a series of cybersecurity breaches affecting Microsoft, involving sensitive data theft from US government officials and organizations, attributed to Chinese hackers. Microsoft’s delayed response to discovered security flaws, including a 90-day wait for a partial fix, is criticized. Senator Ron Wyden has called for Microsoft’s accountability. The breaches underscore the growing issue of security vulnerabilities in tech companies, leading to expectations that the US government will require companies to promptly disclose security incidents within a strict timeframe.

  • every day i lose my mind a little more at how much trust hundreds of thousands of companies across the world place in third parties like microsoft to handle literally all of their sensitive data, as if that could be a good idea in any universe

    • Treczoks@lemm.ee
      link
      fedilink
      arrow-up
      3
      ·
      2 years ago

      Especially when history has shown that Microsoft had and has issues with security basically everywhere.

    • Detheroth@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Not just companies. Governments. I know of entire governmental departments that run exclusively off of a M$ environment. People who deal with capital C Confidential information are backing it up into OneDrive. It’s lunacy.

  • KuroeNekoDemon@sh.itjust.works
    link
    fedilink
    arrow-up
    4
    ·
    2 years ago

    What’s sad is that my former university uses Microsoft products for literally everything and they think Duo is going to keep my uni email secure. Until they encrypt that bitch and enhance their security that email is as good as dead

  • Loki@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    2 years ago

    This piece reads like it was generated by an LLM from prompts supplied by a twelve year old who knows nothing about cybersecurity. I was really looking forward to reading the article from the headline

    • Kid@sh.itjust.worksOPM
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      Do you mean the text accompanying the post? That is the first two paragraphs from the article.

      The “better summary” I posted later was actually generated by chatgpt.