Karl Voit  Sep 29, 2023

After basically the whole #Microsoft #Azure cloud was hacked (see list of related sources on https://karl-voit.at/cloud/ ), the first follow-up incidents went public caused by missing containment actions:

60,000 emails were stolen from 10 #USA #StateDepartment accounts
https://www.reuters.com/world/us/chinese-hackers-stole-60000-emails-us-state-department-microsoft-hack-senate-2023-09-27/

If you didn't understand until now: basically EVERYTHING at Microsoft got hacked and Microsoft can't (or won't) get rid of the intruders. Everything authenticated by Microsoft is tainted. Even #Windows auth.

You Can't Control Your Data in the Cloud

Show threadYet Another EU NerdSep 29, 2023

@publicvoit Could you go a little bit more in depth about:

> Microsoft can't (or won't) get rid of the intruders

P.S. I must admit I didn't read your article on karl-voit.at; was a little bit too long sorry 🙏

Show threadKarl Voit  

@yaeunerd Sure.

In simple words: #Microsoft lost one of their master keys to unlock very important parts of their cloud. This connects to all MS services that do authenticate by MS which includes most #Windows setups as well.

This happened long time ago, some people think it was the Chinese.

They were able to implant #backdoors, self-made keys, ... all over the place.

In order to fix that, MS would need to kill all their connected hosts and start from scratch. It's obvious why they don't.

Sep 29, 2023 at 12:41pmWeb
Show threadalastair87 (old account)Sep 30, 2023
@publicvoit @yaeunerd I would expect there are Chinese spies working at Microsoft as well, probably also other large cloud companies.