After the Midnight Blizzard attack, Microsoft urges administrators to follow new security guidelines

Microsoft was hacked recently, and hackers gained access to corporate emails

Published on February 5, 2024

Recently, Microsoft was attacked by a hacker group called Midnight Blizzard, and the company disclosed the attack in a recent blog post.

What exactly happened, and how serious was this attack? Keep on reading to find out!

The aftermath of the Midnight Blizzard on Microsoft

How did the attack occur?

On January 12, 2024, the Microsoft team detected a system-wide attack on its systems carried out by the Midnight Blizzard group. So how was this attack carried out?

The attackers used password spraying to guess the password of a legacy test tenant account. That account didn’t have multifactor authentication, so a correctly guessed password was all the hackers needed to eventually obtain access.

After that, the attackers managed to compromise a legacy OAuth application that had elevated access to the corporate environment.

Hackers created a new user account to gain access to the corporate environment and Office 365 Exchange Online. They gained access to the mailboxes and targeted Microsoft corporate email accounts by doing so.
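To show what the password spraying step described above looks like from the defender's side, here is an added detection example (not from Microsoft or the original article). It flags a source that fails against many distinct accounts with few tries each, then lists any targeted account that later signed in from that source without MFA; the event fields, thresholds, account names and IP addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events (not real logs):
# (time, source IP, account, result, MFA used)
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:00", "203.0.113.7", "alice", "fail", False),
    ("2024-01-10T09:05:00", "203.0.113.7", "bob", "fail", False),
    ("2024-01-10T09:10:00", "203.0.113.7", "carol", "fail", False),
    ("2024-01-10T09:15:00", "203.0.113.7", "test-legacy", "fail", False),
    ("2024-01-10T09:40:00", "203.0.113.7", "test-legacy", "success", False),
    # One user mistyping a password: many failures, one account (not a spray)
    ("2024-01-10T09:01:00", "198.51.100.20", "dave", "fail", False),
    ("2024-01-10T09:01:30", "198.51.100.20", "dave", "fail", False),
    ("2024-01-10T09:02:00", "198.51.100.20", "dave", "fail", False),
    ("2024-01-10T09:02:30", "198.51.100.20", "dave", "success", True),
]

def detect_password_spray(events, window=timedelta(hours=1),
                          min_accounts=4, max_fails_per_account=3):
    """Return one finding per source whose failures span many accounts,
    few attempts each, inside a single time window."""
    by_source = defaultdict(list)
    for ts, src, account, result, mfa in events:
        by_source[src].append((datetime.fromisoformat(ts), account, result, mfa))

    findings = []
    for src, rows in sorted(by_source.items()):
        rows.sort()
        fails = [(t, a) for t, a, r, _ in rows if r == "fail"]
        for start, _ in fails:  # try each failure as the start of a window
            counts = defaultdict(int)
            for t, a in fails:
                if start <= t <= start + window:
                    counts[a] += 1
            wide = len(counts) >= min_accounts
            shallow = max(counts.values()) <= max_fails_per_account
            if wide and shallow:
                # Targeted accounts that then signed in with a password only
                hit = sorted({a for t, a, r, mfa in rows
                              if r == "success" and not mfa
                              and a in counts and t >= start})
                findings.append({"source": src, "targeted": sorted(counts),
                                 "signed_in_without_mfa": hit})
                break
    return findings

if __name__ == "__main__":
    for finding in detect_password_spray(SAMPLE_EVENTS):
        print(finding)
```

The thresholds are starting points to tune against your own sign-in volume, and the tuple layout has to be mapped to whatever schema your identity provider's sign-in logs use.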

How can administrators protect themselves?

Since this attack initially started with a password spray attack, Microsoft shared a few guidelines on how to protect against it:

In another blog on the Midnight Blizzard attack, Microsoft stated that it would act immediately on improving its security standards on legacy systems and internal processes, and that might lead to some level of disruption.

It seems that Microsoft can’t catch a break, since recently there was a zero-day exploit in Windows Event Log reported.

The good news is that Microsoft is already on this issue, and if you’re a system administrator, be sure to check Microsoft’s blog post for detailed security guidelines.

Milan Stanojevic

Windows Troubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He’s a PC enthusiast and he spends most of his time learning about computers and technology.

Before joining WindowsReport, he worked as a front-end web developer. Now, he’s one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.
