Skip to content

SECURE_CONNECTION//PRESS[CTRL+J]FOR ROOT ACCESS

THREATS/INCIDENTS/MICROSOFT
BACK TO INCIDENTS
CONFIRMED

Microsoft

APT ATTACK
DATE: January 19, 2024
SECTOR: Technology
LOCATION: United States

SUMMARY

Nation-state actor Midnight Blizzard compromises Microsoft corporate email systems

DETAILED ANALYSIS

Microsoft disclosed that Midnight Blizzard (Nobelium), a Russian state-sponsored threat actor, gained access to a legacy test OAuth application and used it to access Microsoft corporate email accounts, including those of senior leadership and cybersecurity teams.

IMPACT ASSESSMENT

Corporate email compromise, potential access to sensitive internal communications

INCIDENT METADATA

INCIDENT ID

INC-2024-002

THREAT TYPE

APT

INDUSTRY

Technology

STATUS

Confirmed

SOURCE REFERENCE

https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
SEARCH RELATED CVEsVIEW THREAT DASHBOARD