Stolen Microsoft Key Gave Chinese Hackers Widespread Access to Cloud Services

As it turns out, the Wiz security team found that the Chinese hackers could have used the private key to access several other Microsoft products. The attack potentially affected all Microsoft apps that utilize OpenID v2.0 access tokens for account authentication.

"Our researchers concluded that the compromised MSA key could have allowed the threat actor to forge access tokens for multiple types of Azure Active Directory applications, including every application that supports personal account authentication, such as SharePoint, Teams, OneDrive, customers' ...

logo
Publisher: Petri IT Knowledgebase
Date: 2023-07-24T10:43:06-05:00
Reference: (Read more) Visit Source



Comments

Popular posts from this blog

REASON GONE MAD: Planets, planets, everywhere! - The Berkshire Edge

NASA's Perseverance Rover Is Midway to Mars – NASA’s Mars Exploration Program

Robots Can Now Detect The Human Touch Without Artificial Skin