Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.

  • OsrsNeedsF2P
    link
    fedilink
    English
    arrow-up
    76
    arrow-down
    1
    ·
    8 months ago

    I love the closed source model, where only blackhats get to see the source code that whitehats never had the chance to report bugs on!