Results of Major Technical Investigations for Storm-0558 Key Acquisition
(msrc.microsoft.com)
from tedu@azorius.net to cloudsec@azorius.net on 06 Sep 2023 22:41
https://azorius.net/g/cloudsec/p/L8p79253bMX5N2sTZp-Results-of-Major-Technical-Investigations-for-St
from tedu@azorius.net to cloudsec@azorius.net on 06 Sep 2023 22:41
https://azorius.net/g/cloudsec/p/L8p79253bMX5N2sTZp-Results-of-Major-Technical-Investigations-for-St
On July 11, 2023, Microsoft published a blog post which details how the China-Based threat actor, Storm-0558, used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA and Outlook.com. Upon identifying that the threat actor had acquired the consumer key, Microsoft performed a comprehensive technical investigation into the acquisition of the Microsoft account consumer signing key, including how it was used to access enterprise email. Our technical investigation has concluded. As part of our commitment to transparency and trust, we are releasing our investigation findings.
#cloudsec
threaded - newest