Microsoft Warns of Chinese Hackers Spying on Cloud Technology (msn.com) 22
Microsoft warned that an advanced Chinese hacking group is waging a campaign of supply-chain attacks. From a report: The company's threat intelligence division said in a blog post Wednesday that the group, known as Silk Typhoon, was targeting remote management tools and cloud applications in order to spy on a range of companies and organizations in the US and abroad.
Microsoft said it observed in late 2024 that hackers were targeting cloud storage services, from which they would steal keys that could be used to access customer data. The group breached state and local government organizations and companies in the technology sector, seeking information on US government policy and documents related to law enforcement investigations. Silk Typhoon was behind a December hack that targeted the US Treasury Department, compromising more than 400 computers, Bloomberg News previously reported.
Microsoft said it observed in late 2024 that hackers were targeting cloud storage services, from which they would steal keys that could be used to access customer data. The group breached state and local government organizations and companies in the technology sector, seeking information on US government policy and documents related to law enforcement investigations. Silk Typhoon was behind a December hack that targeted the US Treasury Department, compromising more than 400 computers, Bloomberg News previously reported.
Re: (Score:1)
Re: Targeting the US Treasury? (Score:1)
Re: (Score:1)
And leaving open big holes as they transfer the "secure" data to Grok and to Russia.
Re: (Score:1)
Seriously. I have 15 mod points to use and there's not a comment that is Interesting, Insightful, or Informative to use them on. And I feel like modding these idiots down just makes them feel important.
Re: Targeting the US Treasury? (Score:2)
Re: (Score:1)
fuck - do you get your imagination of the world, from the view
Re: Targeting the US Treasury? (Score:1)
Re: (Score:2)
So you're suggesting that China was only able to get into these systems because of Musk/DOGE? I don't think you actually had a thought, and said it anyway. When I was eight years old a grown up listened to me and said 'Just because you can speak doesn't mean you actually have anything to say'. I am sharing the same unsolicited advice with you instead of wasting a mod point on your comment.
Re: (Score:2)
The gold is probably stored in some toilet in Mar-a-Lago by now...
Using could base services increases your attack... (Score:2)
Re: (Score:2)
you indeed got to wonder why the us, a superpower with the largest defense budget in the world by far, four times that of its next competitor, routinely making enemies all over the planet and paranoid about cybersecurity to the extent of banning phones and video sharing apps still gets critical infrastructure pwned on ... microsoft cloud. you couldn't make this up.
Re: (Score:2)
TikTok was banned because they couldn't censor it. Once the Bin Laden letter caught wind it had to go.
Re: (Score:1)
for a lot business this is a massive advantage and it might even justify the massive risk.
However this is another case when the industry basically invented a security model to justify what they already wanted to do and were already building. Then they propagandized relentlessly until anyone who dared criticize it was dismissed as not understanding or recalcitrant.
I speak of "Zero Trust" which is full of good ideas and good security practices like continuous validation, and unified identity management etc.
Re: (Score:2)
That depends. But with Microsoft you are lost: https://www.cisa.gov/sites/def... [cisa.gov]
Re: (Score:2)
Oh no, this is China hackers, so they're still perfectly willing and able to do something about it. However, if they were to move over the northern border to Russia, all bets are off.
you are being attacked, pay to find out and fix (Score:2)
You are being attacked!
You'll need Logging Plan Level 2 to see the logs, reach out to Sales for a quote.
If you want to do something about the attacks then you need to upgrade to E5 and buy Defender for Cloud (Supreme Leader version), Sales can help!
look look! Goodyear Blimp! (Score:1)
these 'non-news' propaganda nonsense items shouldn't even be making slashdot.
any IT admin knows that EVERYONE is trying to gain unauthorised access to our data, including our own government agencies.
slashdot has become very much like facebook and other social media - peddling nonsense to create a narrative only the most idiotic fall for. it's ridiculous.
Advanced? Against Microsoft? Not needed. (Score:2)
Walking in on the MS cloud is easy. The only hard part is not getting discovered after a few years.
Getting discovered by careful MS customers that is, MS does not even notice and when they are told, they cannot analyze because they do not keep logs for a reasonable time:
https://www.cisa.gov/sites/def... [cisa.gov]