))
Russian Hackers Breach Microsoft
Manage episode 405767327 series 3274687
Innhold levert av Ryan Williams Sr. and Ryan Williams. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Ryan Williams Sr. and Ryan Williams eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.
In this episode, Ryan and Shannon discuss the recent theft of Microsoft's source code by Russian government hackers. They highlight the use of password spraying and the lack of lockouts as a vulnerability that allowed the attack to occur. They also emphasize Microsoft's global presence and the potential impact of the breach on various countries and organizations. The delayed detection of the attack raises concerns about Microsoft's security measures. The conversation explores the ongoing investigation and the need for more information. Lessons learned from the incident and the potential future threats are discussed, including the importance of access control and privileged accounts.
Takeaways
Password spraying and the lack of lockouts can leave organizations vulnerable to attacks.
Microsoft's global presence makes it a prime target for hackers.
Delayed detection of attacks can have serious consequences.
Access control and privileged accounts should be carefully managed to prevent unauthorized access.
Article: Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails
https://www.securityweek.com/microsoft-says-russian-gov-hackers-stole-source-code-after-spying-on-executive-emails/?fbclid=IwAR3Tt7ypxIK2ZxFSk3MaXBz0Ydj0-co1AP09NA8ze1JmK85lscfA38EtKXc
Socials:
Website - https://www.heroesmediagroup.com/shows/the-other-side-of-the-firewall/
Audio - https://podcasts.apple.com/us/podcast/the-other-side-of-the-firewall/id1542479181
Instagram (IG) - https://www.instagram.com/theothersideofthefw/
X (Twitter) - https://twitter.com/Ask_a_CISSP
YouTube - https://www.youtube.com/channel/UCXZgdDvlcQ8bP_V4dEF02Yw
Ryan on Twitter, LinkedIn, Clubhouse, and Threads - @ryrysecurityguy
Chris on LinkedIn - https://www.linkedin.com/in/chrisabacon/
Chapters
00:00 Introduction
00:35 Microsoft's Source Code Theft
02:28 Microsoft's Global Presence
03:28 Delayed Detection of the Attack
04:24 Microsoft's Vulnerability and Targeted Attacks
05:30 Incomplete Information and Ongoing Investigation
06:28 Lessons Learned and Future Threats
07:06 Access Control and Privileged Accounts
07:39 Legacy Accounts and Identity Access Management
08:04 Expectations and Follow-up
08:55 Call to Action
#cybersecurity #microsoft #russia
601 episoder
Del
