Microsoft reveals Chinese hackers exploited bug to access US govt emails

Microsoft has revealed that Chinese hackers have exploited a flaw in its cloud email service to gain access to email accounts affecting approximately 25 organisations including government agencies as well as related consumer accounts of individuals likely associated with these organisations. "Our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email data from approximately 25 organizations, and a small number of related consumer accounts of individuals likely associated with these organizations," the company said in its latest blog post. They did this by using forged authentication tokens to access user email using an acquired Microsoft account consumer signing key. "We added substantial automated detections for known indicators of compromise associated with this attack to harden defenses and customer environments, and we have found no evidence of further access," said the company.