{"id":223699,"date":"2024-01-31T09:17:25","date_gmt":"2024-01-31T09:17:25","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=223699"},"modified":"2024-01-31T09:17:25","modified_gmt":"2024-01-31T09:17:25","slug":"microsoft-a-descoperit-cum-au-avut-acces-hackerii-rusi-peste-o-luna-de-zile-la-emailuri-ale-sefilor-corporatiei-un-cont-vechi-de-test-pentru-care-nu-era-activata-autentificarea-multi-factor-o-masu","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=223699","title":{"rendered":"Microsoft a descoperit cum au avut acces hackerii ru\u015fi peste o lun\u0103 de zile la emailuri ale \u015fefilor corpora\u0163iei: un cont vechi de test, pentru care nu era activat\u0103 autentificarea multi-factor &#8211; o m\u0103sur\u0103 elementar\u0103 de securitate cibernetic\u0103"},"content":{"rendered":"<p>\nGigantul american Microsoft a divulgat modul \u00een care hackeri sponsoriza\u0163i de statul rus &#8211; a\u015fa numita grupare Midnight Blizzard \u2013 a avut acces la conturile de e-mail ale unor persoane din managementul companiei \u015fi a putut s\u0103 fure date confiden\u0163iale: un vechi cont de test, pentru care nu era activat\u0103 o m\u0103sur\u0103 elementar\u0103 de protec\u0163ie \u00een fa\u0163a atacurilor cibernetice, respectiv autentificarea multi-factor (confirmarea identit\u0103\u0163ii cu ajutorul unor m\u0103suri suplimentare pe l\u00e2ng\u0103 e-mail \u015fi parol\u0103, de regul\u0103 cu ajutor unor mesaje SMS sau a unor aplica\u0163ii instalate pe smartphone-uri autorizate), scrie presa interna\u0163ional\u0103.<\/p>\n<p>\nCompania a detectat atacul pe 12 ianuarie, investiga\u0163ia Microsoft stabilind \u00een cele din urm\u0103 c\u0103 gruparea rus\u0103 a p\u0103truns \u00een sistemele sale \u00een noiembrie 2023, c\u00e2nd a efectuat un atac asupra unui cont de test. \u201eFaptul c\u0103 hackerii au reu\u015fit s\u0103 ob\u0163in\u0103 acces la cont folosind un atac prin for\u0163\u0103 brut\u0103 indic\u0103 faptul c\u0103 acesta nu era protejat cu autentificarea cu doi factori (2FA) sau cu autentificarea cu mai mul\u0163i factori (MFA), o practic\u0103 de securitate pe care Microsoft o recomand\u0103 pentru toate tipurile de conturi online. Odat\u0103 ce hackerii au ob\u0163inut acces la contul de test, Microsoft spune c\u0103 hackerii Nobelium l-au folosit pentru a accesa un mic procent din conturile de e-mail corporative ale Microsoft timp de peste o lun\u0103.<\/p>\n<p>\nMicrosoft a precizat c\u0103 printre conturile de e-mail sparte se num\u0103r\u0103 cele ale unor membri ai echipei de conducere a Microsoft \u015fi ale unor angaja\u0163i din departamentele de securitate cibernetic\u0103 \u015fi juridic, de la care hackerii au furat e-mailuri \u015fi ata\u015famente. Unele informa\u0163ii vehiculate de angaja\u0163ii Microsoft vizau chiar gruparea rus\u0103, astfel c\u0103 hackerii au aflat ce date despre ei sunt cunoscute, conform sursei citate.<br \/>\n&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gigantul american Microsoft a divulgat modul \u00een care hackerii sponsoriza\u0163i de statul rus &#8211; a\u015fa numita grupare Midnight Blizzard \u2013 a avut acces la conturile de e-mail ale unor persoane din managementul companiei \u015fi a putut s\u0103 fure date confiden\u0163iale: un vechi cont de test, pentru care nu era activat\u0103 o m\u0103sur\u0103 elementar\u0103 de protec\u0163ie \u00een fa\u0163a atacurilor cibernetice, respectiv autentificarea multi-factor (confirmarea identit\u0103\u0163ii cu ajutorul unor m\u0103suri suplimentare pe l\u00e2ng\u0103 e-mail \u015fi parol\u0103, de regul\u0103 cu ajutor unor mesaje SMS sau a unor aplica\u0163ii instalate pe smartphone-uri autorizate), scrie presa interna\u0163ional\u0103.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[238,7942,14785,442],"class_list":["post-223699","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-acces","tag-cont","tag-hackeri","tag-microsoft"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/223699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=223699"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/223699\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=223699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=223699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=223699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}