Microsoft blamed for “a cascade of security failures” in Exchange breach report (arstechnica.com)
from tedu to cloudsec on 05 Apr 2024 18:55
https://azorius.net/g/cloudsec/p/9xcMgfT5fY63s5Dkl3-Microsoft-blamed-for-a-cascade-of-security-failu

A federal Cyber Safety Review Board has issued its report on what led to last summer's capture of hundreds of thousands of emails by Chinese hackers from cloud customers, including federal agencies. It cites "a cascade of security failures at Microsoft" and finds that "Microsoft's security culture was inadequate" and needs to adjust to a "new normal" of cloud provider targeting.

https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf

#cloudsec

threaded - newest