Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.

Microsoft reported a breach by Russian group ‘Midnight Blizzard,’ which accessed internal systems and source code using stolen authentication secrets from a January cyberattack. The unauthorized access was facilitated by a compromised non-production test account lacking multi-factor authentication and linked to an OAuth app with elevated privileges. Microsoft is contacting affected customers and has ramped up security measures to counter the persistent threat.

  • Admiral Patrick@dubvee.orgEnglish
    2·
    8 months ago

    Oh, no. Imagine all the havoc that could be wrought if the source code for an operating system was released onto the internet /s

    That’s why you should never rely on security through obscurity.

    – Sent from my Linux desktop

    • rdri@lemmy.worldEnglish
      01·
      8 months ago

      Chances are it didn’t involve the OS source code. If you read the article, previously Microsoft reported about source code for service components like Exchange, Azure etc.

  • OsrsNeedsF2P@lemmy.mlEnglish
    2·
    8 months ago

    I love the closed source model, where only blackhats get to see the source code that whitehats never had the chance to report bugs on!

  • Random Dent@lemmy.mlEnglish
    1·
    8 months ago

    I know this isn’t what this is, but I dream of the day that someone gets hold of the source code for Windows 10/11 and just dumps it onto the internet, and then some other enterprising soul uses it to make a version of Windows that runs all the apps but has all the Microsoft bullshit removed.

    I’m sure it’ll never happen, but it’s nice to think about.