microsoft hires hackers

Introduction：

2、Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

Microsoft Zero Day Quest ♂

　　To help you with your AI bounty submissions, we are offering an opportunity to expand your bug finding skills for AI systems specifically. Microsoft’s AI Red Team has developed PyRIT (Python Risk Identification Toolkit for Generative AI), an open-source red team automation framework. PyRIT is a powerful supplement to manual testing efforts.

　　During the session, attendees will learn how to effectively utilize PyRIT for researching failures and bugs in generative AI systems. This includes setting up targets, leveraging datasets, exploring various attack strategies, and utilizing the memory functionality. This session offers an opportunity to learn from industry’s best practices on empowering researchers and may help you qualify for the Onsite Zero Day Hacking Event.

　　Join us for the training on December 2, 2024, at 9:30 am PST. Please register at https://aka.ms/AIRedTeamTraining.

　　OUT OF SCOPE SUBMISSIONS AND VULNERABILITIES

　　Please refer to the out-of-scope sections of the following bounty programs, AI, Azure, Identity, M365, Dynamics & Power Platform.

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard ♂

　　The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium. As part of our ongoing commitment to responsible transparency as recently affirmed in our Secure Future Initiative (SFI), we are sharing this update.

　　Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. We are in the process of notifying employees whose email was accessed.

　　The attack was not the result of a vulnerability in Microsoft products or services. To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required.

　　This attack does highlight the continued risk posed to all organizations from well-resourced nation-state threat actors like Midnight Blizzard.

　　As we said late last year when we announced Secure Future Initiative (SFI), given the reality of threat actors that are resourced and funded by nation states, we are shifting the balance we need to strike between security and business risk – the traditional sort of calculus is simply no longer sufficient. For Microsoft, this incident has highlighted the urgent need to move even faster. We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes.

　　This will likely cause some level of disruption while we adapt to this new reality, but this is a necessary step, and only the first of several we will be taking to embrace this philosophy.

Microsoft Zero Day Quest ♂

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard ♂

Related questions