{"id":186825,"date":"2024-04-04T20:30:27","date_gmt":"2024-04-05T01:30:27","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2024\/04\/microsoft-still-unsure-how-hackers-stole-msa-key-in-2023-exchange-attack"},"modified":"2024-04-04T20:30:27","modified_gmt":"2024-04-05T01:30:27","slug":"microsoft-still-unsure-how-hackers-stole-msa-key-in-2023-exchange-attack","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2024\/04\/microsoft-still-unsure-how-hackers-stole-msa-key-in-2023-exchange-attack","title":{"rendered":"Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/microsoft-still-unsure-how-hackers-stole-msa-key-in-2023-exchange-attack2.jpg\"><\/a><\/p>\n<p>The U.S. Department of Homeland Security\u2019s Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key.<\/p>\n<p>Microsoft believes that last May\u2019s Exchange Online hack is linked to a threat actor known as \u2018Storm-0558\u2019 stealing an Azure signing key from an engineer\u2019s laptop that was previously compromised by the hackers at an acquired company.<\/p>\n<p>Storm-0558 is a cyberespionage actor affiliated with China that has been active for more than two decades targeting a wide range of organizations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Department of Homeland Security\u2019s Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key. Microsoft believes that last May\u2019s Exchange [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-186825","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/186825","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=186825"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/186825\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=186825"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=186825"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=186825"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}