Seriously Risky Business Newsletter
April 04, 2024
CSRB Lashes Microsoft's 'Cascade of Security Failures'
Presented by

Policy & Intelligence
The Cyber Safety Review Board (CSRB) has described 'a cascade of avoidable errors' by Microsoft in an incident in which a PRC-affiliated cyber espionage actor accessed email accounts belonging to senior US and UK officials.
A newly released report by the CSRB states:
The review found that the threat actor responsible was also linked to the 2009 Operation Aurora compromise of dozens of private companies, including Google, and also to the 2011 RSA SecurID incident.