Bleeping Computer

Stolen Microsoft key offered widespread access to Microsoft cloud services

The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according ...
Bleeping Computer

Hackers stole Microsoft signing key from Windows crash dump

Microsoft says Storm-0558 Chinese hackers stole a signing key used to breach government email accounts from a Windows crash dump after compromising a Microsoft engineer's corporate account. The ...
TechCrunch

Microsoft reveals how hackers stole its email signing key… kind of

A series of unfortunate and cascading mistakes allowed a China-backed hacking group to steal one of the keys to Microsoft’s email kingdom that granted near unfettered access to U.S. government inboxes ...
Computer Weekly

Microsoft finds Storm-0558 exploited crash dump to steal signing key

Microsoft has published details of how a Chinese state-backed advanced persistent threat (APT) actor tracked as Storm-0558 was able to get its hands on a Microsoft account (MSA) consumer key to forge ...
TWCN Tech News

Why Microsoft stores your Windows Device Encryption Key to OneDrive

Microsoft automatically encrypts your new Windows device and stores the Windows 11/10 Device Encryption Key on OneDrive, when you sign in using your Microsoft Account. This post talks of why Microsoft ...