Identity Security Spotlight: Midnight Blizzard’s breach of Microsoft

In a recent chat, Tarun Thakur and Rich Dandliker discussed Microsoft's recent breach by Russian hacker group Midnight Blizzard. The attack involved a password spray attack on Microsoft's test environment, which lacked MFA requirements. Attackers gained access to an Oauth application, created additional applications, and compromised Microsoft's corporate environment. Key takeaways include the importance of minimizing highly privileged permissions and improving visibility around permissions. To defend against similar threats, organizations should use tools that provide insight into identities and resources access, as well as monitor for privilege drift. Veza has developed an Access Control Platform to help businesses manage identity-based risks effectively.