• Home
  • About
  • Contact us
  • Submit a News Releases
Tech News, Magazine & Review WordPress Theme 2017
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
No Result
View All Result
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
Technovanguard — Be at the forefront of technology news
No Result
View All Result

Has Microsoft Been Hacked?

Justin Rowell by Justin Rowell
28.03.2022
Home Software

Microsoft is investigating claims that internal source code repositories have been accessed and data has been stolen.

source Tom Malka

The alleged hack is linked to the hacking group Lapsus$, which attacked companies such as Nvidia, Samsung and Vodafone in the past successfully.

Update: Microsoft published an official statement on its Microsoft Security website confirming the issue.

This week, the actor made public claims that they had gained access to Microsoft and exfiltrated portions of source code. No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk. The tactics DEV-0537 used in this intrusion reflect the tactics and techniques discussed in this blog. Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.

End of update.

Evidence of the hack emerged on Sunday evening when Tom Malka published screenshots on Twitter showing a Telegram conversation and what appears to be an internal folder listing of Microsoft source code repositories.

The screenshot suggests that the hackers downloaded source codes of Cortana and several Bing services. The post has been deleted in the meantime. Microsoft told Bleeping Computer that it is investigating the reports.

Unlike most extortion groups, which try to install ransomware on systems that they attack successful, Lapsus$ tries to get a ransom for downloaded data from the companies that it attacked.

The main services that Lapsus$ may have downloaded the source code from appear to be Bing, Bing Maps and Cortana. It is unclear at this point whether the full source codes have been downloaded by the attackers, and whether other Microsoft applications or services are included in the dump.

Source codes may contain valuable information. The code may be analyzed for security vulnerabilities that hacking groups may exploit. There is also the chance that source codes include valuable items such as code signing certificates, access tokens or API keys. Microsoft has a development policy in place that prohibits the inclusion of such items, Microsoft calls them secrets, in its source codes

The search terms used by the actor indicate the expected focus on attempting to find secrets. Our development policy prohibits secrets in code and we run automated tools to verify compliance.

Lots of uncertainty is surrounding the hack at this moment. Did Lapsus$ manage to breach Microsoft’s defenses? Did the group manage to download data, and if it did, what data was downloaded and how complete is it? Bing, Bing Maps and Cortana are not the most important Microsoft services.

Judging by Lapsus$’s track record, it is likely that the reported hack did indeed happen. The question of whether the downloaded data is valuable enough to get a ransom from Microsoft for not publishing it on the Internet is open for debate.

Now You: was Microsoft hacked? What is your take on this? (via Born)

Thank you for being a Ghacks reader. The post Has Microsoft Been Hacked? appeared first on gHacks Technology News.


Next Post
Cash aid for refugees may cause inflation

Cash aid for refugees may cause inflation

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Microsoft Makes Breakthrough in the Quest to Use DNA as Data Storage

Microsoft Makes Breakthrough in the Quest to Use DNA as Data Storage

15.12.2021
Every Texas Chainsaw Massacre film is psychoanalyzing the original

Every Texas Chainsaw Massacre film is psychoanalyzing the original

27.02.2022

Trending.

LANL Publishes Guide to Quantum Computer Programming

LANL Publishes Guide to Quantum Computer Programming

15.06.2022
A Global Ocean Biogeochemical Observatory Becomes a Reality

A Global Ocean Biogeochemical Observatory Becomes a Reality

21.03.2022
ROCK5 Model B : une carte de dev sous RK3588

ROCK5 Model B : une carte de dev sous RK3588

13.01.2022
7 Essentials You Need to Complete Your Twitch Streaming Setup

7 Essentials You Need to Complete Your Twitch Streaming Setup

15.12.2021
XT-ZB1 DevKit : un module Zigbee et Bluetooth RISC-V à 2€

XT-ZB1 DevKit : un module Zigbee et Bluetooth RISC-V à 2€

27.12.2021
Technovanguard — Be at the forefront of technology news

Technovanguard - The latest news from the world of IT and modern technologies.

Categories

  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space
  • Без рубрики

Tags

FEATUREDNEWS

Recent News

Tech giants form Metaverse Standards Forum to promote collaboration

Tech giants form Metaverse Standards Forum to promote collaboration

26.06.2022
The Umbrella Academy cast shares their favorite group scenes from season 3

The Umbrella Academy cast shares their favorite group scenes from season 3

26.06.2022
  • Home
  • About
  • Contact us
  • Submit a News Releases

© 2021 technovanguard.com.

No Result
View All Result
  • Computing
  • Entertainment
  • Gaming
  • Mobile
  • Science
  • Security
  • Services
  • Software
  • Space

© 2021 technovanguard.com.