Security News Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,103
Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion. The review detailed operational and strategic decisions that led to the intrusion and recommended specific practices for industry and government to implement to ensure an intrusion of this magnitude does not happen again. Secretary of Homeland Security Alejandro N. Mayorkas received the CSRB report from the Board and delivered it to President Biden. This is the third review completed by the CSRB since the Board was announced in February 2022.
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,103
Microsoft slammed for a cascade of faults that leads to Storm-0558 cloud hack
The US Cyber Safety Review Board has now published its report on the hack of Microsoft Online Exchange in the summer of 2023 by the suspected Chinese group Storm-0558. The board's conclusion: Microsoft can't do security! And certainly not in its own cloud. A "cascade" of errors, committed by Microsoft or its employees, is responsible for the hack of the Microsoft Cloud and Microsoft Online Exchange accounts.
The Board of Inquiry recommends that Microsoft develop and make public a plan with specific timelines for fundamental, security-oriented reforms across the company and its product portfolio. Microsoft has cooperated fully with the Board's review, it says. US media outlets such as the Washington Post and AP have jumped on the issue and are picking Microsoft apart. In the USA, the first authorities and major customers have already started to turn away from Microsoft.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top