•

Compromised Microsoft Key: More Impactful Than We Thought | Wiz Blog

https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr

Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impact.

Compromised Microsoft Key: More Impactful Than We Thought | Wiz Blog

3 comments

See all comments

thebeesknees

•

Yes, that part is still undisclosed by Microsoft. It is mentioned in the article as well:

We will continue to closely monitor this incident and provide updates; this is still an ongoing investigation and there are many unanswered questions (how did the threat actor acquire the key? When exactly did it happen? Were other keys compromised as well?).