Microsoft 'senior leadership' emails accessed by Russian SolarWinds hackers

Microsoft is revealing today that it has detected a nation-state attack on its corporate systems by the same Russian state-sponsored hackers group that were responsible for the sophisticated SolarWinds attack. Microsoft says the hackers known as Nobelium were able to access the email accounts of some members of its senior leadership team late last year.

“In late November 2023, a threat actor used a password spray attack to compromise and gain a foothold in an old non-production test tenant account, and then to a very small percentage of Microsoft corporate email accounts, including members Access gained, for which account permissions were used. “Our cybersecurity, legal and other functions and certain emails and attached documents to our senior leadership team and employees were compromised,” the Microsoft Security Response Center said in a blog post filed late Friday.

Microsoft says the group was "initially targeting email accounts" for information about themselves, but it is unclear what other emails and documents were stolen in the process. Microsoft became aware of the attack only last week, on January 12, and the company has not disclosed how long the attackers were able to access its systems.

“The attack was not the result of any vulnerability in Microsoft products or services. Microsoft says, "To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems."

The attack comes just days after Microsoft announced plans to improve its software security following major Azure cloud attacks. Although Microsoft customers are not affected by this new incident and it was not the result of a Microsoft vulnerability, it is the latest in a series of cybersecurity incidents for Microsoft. It found itself at the center of the SolarWinds attack nearly three years ago, then in 2021 30,000 organizations' email servers were hacked due to a Microsoft Exchange server flaw, and Chinese hackers compromised the U.S. government through a Microsoft cloud exploit last year. The limits were violated. The email was compromised.

Microsoft is now changing the way its software and services are designed, built, tested and operated. It's the biggest change in its security approach since the company announced its Security Development Lifecycle (SDL) in 2004, when a major flaw in Windows XP took PCs offline.

Ticketmaster disrupts sales of Taylor Swift's The Era's Tour and many others. It's gotten so bad — and it's angered many Taylor Swift fans — that Congress is holding hearings on antitrust legislation in 2023. A series of policy changes since the 1980s have helped the firm dominate every single aspect of the live events business. And Ronald Reagan is to blame for this.