* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Saturday, August 2, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Sens. Blackburn, Warnock introduce CREATE Act to provide tax relief to music creators – Yahoo Home

    Sens. Blackburn and Warnock Launch CREATE Act to Deliver Tax Relief for Music Creators

    That’s (Political) Entertainment: When Theatre Meets Politics

    Future Script: How Generative AI Is Changing Collective Bargaining in the Entertainment Industry – Jackson Lewis

    Future Script: How Generative AI Is Transforming Collective Bargaining in Entertainment

    The SBA’s live-entertainment bailout was supposed to end two years ago. We still don’t know how $1.5 billion was spent. – Yahoo Home

    $1.5 Billion Live-Entertainment Bailout: Two Years Later, Where Did the Money Go?

    Wall Street Bets: Caesars, Golden Entertainment, Churchill Downs, GLPI, Boyd – CDC Gaming

    Top Wall Street Bets: Caesars, Golden Entertainment, Churchill Downs, GLPI, and Boyd Take Center Stage

    Micro wrestling coming to NE Ohio – Cleveland.com

    Get Ready, NE Ohio: Micro Wrestling Is Making Its Exciting Debut!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Emory orthopaedic surgeons use robotic technology to transform knee replacement surgery – Emory News Center

    How Robotic Technology is Revolutionizing Knee Replacement Surgery

    Cognizant Technology Solutions Corp (CTSH) Q2 2025 Earnings Call Highlights: Strong Revenue … – Yahoo.co

    Cognizant Q2 2025 Earnings: Impressive Revenue Growth and Key Takeaways

    Revving Up The U.S. Technology Engine – Forbes

    Revving Up The U.S. Technology Engine – Forbes

    More than just a hockey player – Rochester Institute of Technology Athletics

    Beyond the Ice: The Inspiring Journey of a Remarkable Athlete from Rochester Institute of Technology

    Smart Logistics in Warehousing – From Legacy Protocols to Green IoT – How Technology Is Reshaping the Sustainable Supply Chain – Logistics Viewpoints –

    Smart Logistics in Warehousing – From Legacy Protocols to Green IoT – How Technology Is Reshaping the Sustainable Supply Chain – Logistics Viewpoints –

    AI’s race in the dark with China – Axios

    The High-Stakes AI Race: Innovation and Competition in the Shadows

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Sens. Blackburn, Warnock introduce CREATE Act to provide tax relief to music creators – Yahoo Home

    Sens. Blackburn and Warnock Launch CREATE Act to Deliver Tax Relief for Music Creators

    That’s (Political) Entertainment: When Theatre Meets Politics

    Future Script: How Generative AI Is Changing Collective Bargaining in the Entertainment Industry – Jackson Lewis

    Future Script: How Generative AI Is Transforming Collective Bargaining in Entertainment

    The SBA’s live-entertainment bailout was supposed to end two years ago. We still don’t know how $1.5 billion was spent. – Yahoo Home

    $1.5 Billion Live-Entertainment Bailout: Two Years Later, Where Did the Money Go?

    Wall Street Bets: Caesars, Golden Entertainment, Churchill Downs, GLPI, Boyd – CDC Gaming

    Top Wall Street Bets: Caesars, Golden Entertainment, Churchill Downs, GLPI, and Boyd Take Center Stage

    Micro wrestling coming to NE Ohio – Cleveland.com

    Get Ready, NE Ohio: Micro Wrestling Is Making Its Exciting Debut!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Emory orthopaedic surgeons use robotic technology to transform knee replacement surgery – Emory News Center

    How Robotic Technology is Revolutionizing Knee Replacement Surgery

    Cognizant Technology Solutions Corp (CTSH) Q2 2025 Earnings Call Highlights: Strong Revenue … – Yahoo.co

    Cognizant Q2 2025 Earnings: Impressive Revenue Growth and Key Takeaways

    Revving Up The U.S. Technology Engine – Forbes

    Revving Up The U.S. Technology Engine – Forbes

    More than just a hockey player – Rochester Institute of Technology Athletics

    Beyond the Ice: The Inspiring Journey of a Remarkable Athlete from Rochester Institute of Technology

    Smart Logistics in Warehousing – From Legacy Protocols to Green IoT – How Technology Is Reshaping the Sustainable Supply Chain – Logistics Viewpoints –

    Smart Logistics in Warehousing – From Legacy Protocols to Green IoT – How Technology Is Reshaping the Sustainable Supply Chain – Logistics Viewpoints –

    AI’s race in the dark with China – Axios

    The High-Stakes AI Race: Innovation and Competition in the Shadows

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

Microsoft expands access to cloud logs after hacker forged tokens to get Exchange Online email

July 21, 2023
in Business
Microsoft expands access to cloud logs after hacker forged tokens to get Exchange Online email
Share on FacebookShare on Twitter

Many Microsoft customers will soon have access to expanded cloud logging capabilities at no additional charge, the company said Wednesday, after cybersecurity experts called on it to offer free logging data to organizations using any of its cloud services.

This comes after Microsoft admitted last week that a likely China-based threat actor recently forged authentication tokens to access user email of approximately 25 organizations.

“After working collaboratively over the past year, I am extremely pleased with Microsoft’s decision to make necessary log types available to the broader cybersecurity community at no additional cost,” said Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). “While we recognize this will take time to implement, this is truly a step in the right direction toward the adoption of Secure by Design principles by more companies. We will continue to work with all technology manufacturers, including Microsoft, to identify ways to further enhance visibility into their products for all customers.”

“Today’s announcement comes as a result of our close partnership with CISA, who have called for the industry to take action in order to better protect itself from potential cyber-attacks,” said Vasu Jakkal, Microsoft’s corporate vice-president for security, compliance, identity, and management. “It also reflects our commitment to engaging with customers, partners, and regulators to address the evolving security needs of the modern world.”

Over the coming months Microsoft will include access to a wider variety of cloud security logs for customers at no additional cost, the company said in a blog. IT managers will use Microsoft Purview Audit to see more types of cloud log data generated across their enterprise.

Purview Audit (Standard) customers will receive deeper visibility into security data, including detailed logs of email access and more than 30 other types of log data previously only available to those with Purview Audit (Premium) subscriptions with E5/G5 licences. In addition to new logging events becoming available, Microsoft is also increasing the default retention period for Audit Standard customers from 90 days to 180 days.

Although the CISA and Microsoft have been working for a year on expanding logging data to cloud users, the announcement also comes after experts called for action following last week’s announcement of the email hack aided by forged authentication keys.

“Log information should not be tiered,” Johannes Ulrich, dean of research at the SANS Institute wrote this week in the organization’s weekly news summaries. “It should be available at all license levels, ideally with options to send it straight to your SIEM/SOAR  [security information and event management/security orchestration automation and response] platform.”

Even if they don’t store any logs or make you pay for extra storage, the logs should be available and exportable to everyone, added Lee Neely, a SANS Instructor. “This level of goodwill will go a long way.”

Security Magazine said the agencies targeted by the attackers reportedly include the U.S. State and Commerce Departments. Among the email accounts accessed was one belonging to Secretary of Commerce Gina Raimondo.

The visibility problem was highlighted by Steven Adair, president of Volexity, who said on Twitter, that despite a notification from Microsoft to one of his firm’s clients regarding unauthorized access, “we could not find any corroborating evidence … The incident was invisible to us with the data at our disposal and this was due to the customer’s M365 license level: E3,” he said.

Microsoft first issued an alert on the attack early last week. On Friday it followed up with a more detailed analysis.  Beginning May 15, a group it calls Storm-0558 used forged authentication tokens to access user email from approximately 25 organizations, including government agencies and related consumer accounts in Microsoft’s public cloud. It says “with moderate confidence” that Storm-0558 is a China-based threat actor.

What happened, Microsoft says, was Storm-0558 “acquired an inactive MSA [Microsoft  account] consumer signing key and used it to forge authentication tokens for Azure AD enterprise and MSA consumer to access OWA and Outlook.com.”

“The method by which the actor acquired the key is a matter of ongoing investigation. Though the key was intended only for MSA accounts, a validation issue allowed this key to be trusted for signing Azure AD tokens, Microsoft said.

Forging Azure AD tokens using an acquired consumer signing key and then using it to access Azure AD enterprise and Outlook.com “was made possible by a validation error in Microsoft code,” the company admitted.

Once authenticated through a legitimate client flow leveraging the forged token, Microsoft said, the threat actor accessed the OWA [Outlook Web Access] API to retrieve a token for Exchange Online from the GetAccessTokenForResource API used by OWA. The actor was able to obtain new access tokens by presenting one previously issued from this API due to the design flaw. The actor used these tokens to retrieve mail messages from the OWA API.

This flaw has since been fixed to only accept tokens issued from Azure AD or MSA respectively, Microsoft said. Azure AD keys were not impacted.

This threat actor has displayed an interest in OAuth applications, token theft, and token replay against Microsoft accounts since at least August 2021, the report adds.

The issue of visibility comes out in the Microsoft report, which says the use of an incorrect key to sign access requests allowed its investigation teams to see all of this actor’s access requests, which followed this pattern across both Microsoft’s enterprise and consumer systems.

Authentication tokens are used to validate the identity of entities requesting access to resources such as email, Microsoft says. These tokens are issued to the requesting entity (such as a user’s browser) by identity providers like Azure AD. To prove authenticity, the identity provider signs the token using a private signing key. The relying party validates the token presented by the requesting entity by using a public validation key. Any request whose signature is correctly validated by the published public validation key will be trusted by the relying party. An actor that can acquire a private signing key can then create falsified tokens with valid signatures that will be accepted by relying parties.

It’s not only Microsoft that should provide access logs to its cloud customers, the SANS commentators point out, but all cloud providers. in a press call, SANS said an official of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said that “Every organization using a technology service like Microsoft 365 should have access to logging and other security data out of the box.”

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : ITBusiness.ca – https://www.itbusiness.ca/news/microsoft-expands-access-to-cloud-logs-after-hacker-forged-tokens-to-get-exchange-online-email/125609

Tags: businessexpandsMicrosoft
Previous Post

Mutually Assured Re-Nomination 

Next Post

Microsoft goes all-in with AI at partner conference

Women’s Voices Are the Only Way Forward for Climate Change Solutions: ‘As Women, We Have to Stand Up and Back Up Women’ – Ms. Magazine

Women’s Voices Are the Only Way Forward for Climate Change Solutions: ‘As Women, We Have to Stand Up and Back Up Women’ – Ms. Magazine

August 1, 2025
“A Danger to the Entire Planet”: Amid Deadly Extreme Weather, Trump’s EPA Rejects Climate Science – Democracy Now!

“A Danger to the Entire Planet”: Amid Deadly Extreme Weather, Trump’s EPA Rejects Climate Science – Democracy Now!

August 1, 2025
Ten Lifestyle Group Announces Total Voting Rights and Share Capital Update – TipRanks

Ten Lifestyle Group Announces Total Voting Rights and Share Capital Update – TipRanks

August 1, 2025
Five different countries take gold medals on a wide-open day at the swim world championships – AP News

Five Countries Triumph in a Thrilling, Unpredictable Day at the Swim World Championships

August 1, 2025
US employers slash hiring as Trump advances a punishing trade agenda – AP News

US Employers Slash Hiring as Trump’s Aggressive Trade Policies Shake the Market

August 1, 2025
Duffer Brothers and Jerry Bruckheimer Join Program for Entertainment and Technology Summit – Variety

Duffer Brothers and Jerry Bruckheimer Join Forces for an Exciting Entertainment and Technology Summit

August 1, 2025
Alabama schools enhance mental health support as students return to the classroom – WBMA

Alabama Schools Ramp Up Mental Health Support as Students Return to Classrooms

August 1, 2025
Platts­burgh town su­per­visor eyed for Dem ticket in N.Y. Assembly special election – Spectrum News

Platts­burgh town su­per­visor eyed for Dem ticket in N.Y. Assembly special election – Spectrum News

August 1, 2025
Emory orthopaedic surgeons use robotic technology to transform knee replacement surgery – Emory News Center

How Robotic Technology is Revolutionizing Knee Replacement Surgery

August 1, 2025
Carlos Correa trade grades: Astros score ‘A’ for stunning deadline deal, Twins get their salary dump – CBS Sports

Carlos Correa Trade Grades: Astros Land an ‘A’ for Blockbuster Deadline Deal, Twins Successfully Shed Salary

August 1, 2025

Categories

Archives

August 2025
MTWTFSS
 123
45678910
11121314151617
18192021222324
25262728293031
« Jul    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (749)
  • Economy (774)
  • Entertainment (21,652)
  • General (16,230)
  • Health (9,811)
  • Lifestyle (782)
  • News (22,149)
  • People (775)
  • Politics (783)
  • Science (15,987)
  • Sports (21,270)
  • Technology (15,752)
  • World (757)

Recent News

Women’s Voices Are the Only Way Forward for Climate Change Solutions: ‘As Women, We Have to Stand Up and Back Up Women’ – Ms. Magazine

Women’s Voices Are the Only Way Forward for Climate Change Solutions: ‘As Women, We Have to Stand Up and Back Up Women’ – Ms. Magazine

August 1, 2025
“A Danger to the Entire Planet”: Amid Deadly Extreme Weather, Trump’s EPA Rejects Climate Science – Democracy Now!

“A Danger to the Entire Planet”: Amid Deadly Extreme Weather, Trump’s EPA Rejects Climate Science – Democracy Now!

August 1, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version