Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.

Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.

  • Admiral Patrick@dubvee.orgEnglish
    461·
    9 months ago

    Oh, no. Imagine all the havoc that could be wrought if the source code for an operating system was released onto the internet /s

    That’s why you should never rely on security through obscurity.

    – Sent from my Linux desktop

    • assembly@lemmy.worldEnglish
      10·
      9 months ago

      I hope these hackers didn’t also get the source code to RockyLinux or I’m screwed man. If all you need is source code access, I won’t be safe after that. :-)

    • rutellthesinful@kbin.social
      3·
      9 months ago

      wouldn’t the counterpoint to that be all the vulnerabilities that have sat out in the open for years before finally being reported?

    • rdri@lemmy.worldEnglish
      22·
      9 months ago

      Chances are it didn’t involve the OS source code. If you read the article, previously Microsoft reported about source code for service components like Exchange, Azure etc.