Midnight Blizzard hackers used Microsoft’s stolen authentication secrets to advance into their internal system and access source code. The Russian attackers initially used password spraying to get into a legacy non-production test tenant account. Microsoft disclosed this initial attack in January 2024. The compromised account had access to an OAuth application with elevated privilege to […]
The post Russians Used Microsoft’s Stolen Authentication Secrets to Access Source Code appeared first on Heimdal Security Blog.