AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Microsoft data breach 202112/3/2023 ![]() ATFS: A ransomware attack against payment processor ATFS forced multiple US cities to send out data breach notifications.Airlines involved in the data breach were then required to reach out to their customers. SITA: An IT supplier for aviation services around the world, SITA, said a security incident involving SITA Passenger Service System servers led to the exposure of personal, identifiable information belonging to airline passengers.The information leaked included everything from full names to Facebook account tokens. MeetMindful: The data of over two million users of the dating app was reportedly stolen and leaked by a hacking group.Tens of thousands of organizations are believed to have been compromised. The Redmond giant became aware of the flaws in January and released emergency patches in March however, the Hafnium state-sponsored threat group was joined by others for months after in attacks against unpatched systems. Microsoft Exchange Server: One of the most damaging cybersecurity incidents this year was the widespread compromise of Microsoft Exchange servers caused by a set of zero-day vulnerabilities known collectively as ProxyLogon.The Russian trading post claimed that threat actors were able to break in and tamper with cryptocurrency exchange rate values, leading to irreparable financial damage. Livecoin: Following an alleged hack in December, cryptocurrency exchange Livecoin slammed its doors shut and exited the market in January.However, experts at the time assessed the cyber-attacks may have been a Russian false-flag campaign designed to continue whipping up hatred towards Sweden in Muslim countries like Turkey, which has a veto over the country’s accession to NATO. In February, Anonymous Sudan claimed responsibility for a number of DDoS attacks against Swedish companies which it said were retaliation for an incident of Quran burning near Turkey’s embassy in Stockholm. In the same blog post, Microsoft claimed that it had seen “no evidence that customer data has been accessed or compromised.” Storm-1359 appears to be focused on disruption and publicity.” ![]() ![]() “Microsoft assessed that Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures. “Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability,” it explained at the time. The tech giant admitted in mid-June that the group, which it tracks as “Storm-1359,” had been responsible for Layer 7 DDoS attacks against it earlier that month. We have seen no evidence that our customer data has been accessed or compromised,” it noted.Īnonymous Sudan has caused trouble for Microsoft in the past. “At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data. However, a brief statement from Microsoft was pretty unequivocal. It attached what it claimed to be a “small sample” of compromised details as proof of its word. The group said it would be selling the haul for $50,000. In a post seen by Infosecurity, it said: “We announce that we have successfully hacked Microsoft and have access to a large database containing more than 30 million Microsoft accounts, emails and passwords … We will begin selling this database, so if you’re interested, contact us at our bot to negotiate.” Read more on Microsoft breaches: Microsoft: 44 Million User Passwords Have Been Breached Microsoft has hit back at claims from a shadowy hacktivist outfit that it managed to breach the company and obtain account access for tens of millions of customers.Īnonymous Sudan, which has been linked in the past to pro-Kremlin groups like Killnet, posted the details of its alleged raid on Telegram.
0 Comments
Read More
Leave a Reply. |