• Home
  • About
  • Contact us
Tech News, Magazine & Review WordPress Theme 2017
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
No Result
View All Result
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
Technovanguard — Be at the forefront of technology news
No Result
View All Result

Has Microsoft Been Hacked?

Justin Rowell by Justin Rowell
29.09.2022
Home Software

Microsoft is investigating claims that internal source code repositories have been accessed and data has been stolen.

source Tom Malka

The alleged hack is linked to the hacking group Lapsus$, which attacked companies such as Nvidia, Samsung and Vodafone in the past successfully.

Update: Microsoft published an official statement on its Microsoft Security website confirming the issue.

This week, the actor made public claims that they had gained access to Microsoft and exfiltrated portions of source code. No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk. The tactics DEV-0537 used in this intrusion reflect the tactics and techniques discussed in this blog. Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.

End of update.

Evidence of the hack emerged on Sunday evening when Tom Malka published screenshots on Twitter showing a Telegram conversation and what appears to be an internal folder listing of Microsoft source code repositories.

The screenshot suggests that the hackers downloaded source codes of Cortana and several Bing services. The post has been deleted in the meantime. Microsoft told Bleeping Computer that it is investigating the reports.

Unlike most extortion groups, which try to install ransomware on systems that they attack successful, Lapsus$ tries to get a ransom for downloaded data from the companies that it attacked.

The main services that Lapsus$ may have downloaded the source code from appear to be Bing, Bing Maps and Cortana. It is unclear at this point whether the full source codes have been downloaded by the attackers, and whether other Microsoft applications or services are included in the dump.

Source codes may contain valuable information. The code may be analyzed for security vulnerabilities that hacking groups may exploit. There is also the chance that source codes include valuable items such as code signing certificates, access tokens or API keys. Microsoft has a development policy in place that prohibits the inclusion of such items, Microsoft calls them secrets, in its source codes

The search terms used by the actor indicate the expected focus on attempting to find secrets. Our development policy prohibits secrets in code and we run automated tools to verify compliance.

Lots of uncertainty is surrounding the hack at this moment. Did Lapsus$ manage to breach Microsoft’s defenses? Did the group manage to download data, and if it did, what data was downloaded and how complete is it? Bing, Bing Maps and Cortana are not the most important Microsoft services.

Judging by Lapsus$’s track record, it is likely that the reported hack did indeed happen. The question of whether the downloaded data is valuable enough to get a ransom from Microsoft for not publishing it on the Internet is open for debate.

Now You: was Microsoft hacked? What is your take on this? (via Born)

Thank you for being a Ghacks reader. The post Has Microsoft Been Hacked? appeared first on gHacks Technology News.


Next Post
Cash aid for refugees may cause inflation

Cash aid for refugees may cause inflation

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

New Results Deepen the Mystery of Earth’s Early Magnetic Field

New Results Deepen the Mystery of Earth’s Early Magnetic Field

29.09.2022

What Are the Most Common PC Bugs & Who Can Fix Them Remotely?

06.10.2022

Trending.

How Residential Proxies from Infatica Can Help Make Public Web Data More Accessible for Analysis

How Residential Proxies from Infatica Can Help Make Public Web Data More Accessible for Analysis

29.12.2022
Rohrreinigung – Kosten & Tipps

Rohrreinigung – Kosten & Tipps

05.01.2023
How to configure Thunderbird to open emails in windows

How to configure Thunderbird to open emails in windows

29.09.2022

The most important humanitarian problems to be solved

29.09.2022
The fight against piracy in Ukraine as another front to defeat Russia

The fight against piracy in Ukraine as another front to defeat Russia

19.12.2022
Technovanguard — Be at the forefront of technology news

Technovanguard - The latest news from the world of IT and modern technologies.

Categories

  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
  • Без рубрики

Tags

best bitcoin casino best bitcoin gambling site best crypto casino bitcoin gambling site btc casino FEATUREDNEWS linkedin connection message linkedin connection request template linkedin connect message examples linkedin networking message template linkedin sales message top bitcoin casinos

Recent News

Staying Ahead of the Game: The Top 10 Most Popular Websites for IT and Modern Technology

Staying Ahead of the Game: The Top 10 Most Popular Websites for IT and Modern Technology

19.01.2023
LinkedIn: A Business Boosting Resource

LinkedIn: A Business Boosting Resource

18.01.2023
  • Home
  • About
  • Contact us

© 2021 technovanguard.com. Submit news release

No Result
View All Result
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space

© 2021 technovanguard.com. Submit news release