A group of security researchers from Microsoft went public to claim that a Russian-backed hacker used the tool teams to attack dozens of organizations globally, including government agencies.
A redmond technology publication suggests that its collaboration tool was the target of a campaign carried out by a group identified as Midnight Blizzard, also known as APT29 or Cozy Bear. The 'hackers' began attacking their targets in late May, using previously compromised Microsoft 365 accounts.
BUT: Microsoft denies data breach by “Anonymous Sudan” hacktivists
Using these accounts, hackers sent messages to other users in order to gain approved access to bypass authentication and gain access to other accounts to gather sensitive information.
Microsoft's investigation reveals that less than 40 organizations were affected, noting that the technology has already disabled the accounts used and that "continue to investigate this activity".
