image credit: Pixabay

Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach

September 7, 2023

Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer’s corporate account.

This enabled the adversary to access a debugging environment that contained information pertaining to a crash of the consumer signing system and steal the key. The system crash took place in April 2021.

“A consumer signing system crash in April of 2021 resulted in a snapshot of the crashed process (‘crash dump’),” the Microsoft Security Response Center (MSRC) said in a post-mortem report.

Read More on The Hacker News