Dan Goodin reports that Microsoft is not using “exploit” or “zero-day” in what is termed to be several vulnerabilities in its products to allow actors to look at email accounts by looking at email accounts that didn’t belong to them.
This is known by them as Storm0558 which seems to be a Russian group that I’ve heard mentioned in other circles. Remember that Microsoft changed their designations, and not using the standard names anymore.
Microsoft takes pains to obscure role in 0-days that caused email breach is the article tht is written by the site Ars Technica.
BTW, they don’t want to call these issues vulnerabilities either. And, you need to pay to find out if you were ever vulnerable by these “flaws” and “issues.”
Have fun diagnosing this one! This doesn’t make any sense in this industry.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.