Attacks/Breaches

6/22/2017
04:24 PM
50%
50%

Two Arrested for Microsoft Network Intrusion

UK authorities arrest two men for allegedly breaking into Microsoft's network with the intent to steal customer data from the software giant.

Two hackers were arrested by UK authorities for allegedly infiltrating Microsoft's computer network without permission, in an attempt to steal customer data from the Redmond giant, according to a BBC report.

The suspects, one a 22-year-old from Sleaford and the other a 25-year-old from Bracknell, allegedly were part of a larger group that had hoped to scoop up the customer information, the BBC reported.

Over a three-month period earlier this year, the two men reportedly made repeated efforts to hack into Microsoft's network, according to the report. And while Microsoft notes no customer data was taken in the incident, it is not yet clear whether the group was able to access other information, the BBC noted.

The two suspects were arrested under the UK Computer Misuse Act, which makes it illegal to access computer networks without authorization.

Read more about the case here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Pair of Reports Paint Picture of Enterprise Security Struggling to Keep Up
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/11/2018
New Domains: A Wide-Open Playing Field for Cybercrime
Ben April, CTO, Farsight Security,  10/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18315
PUBLISHED: 2018-10-15
com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter.
CVE-2018-18316
PUBLISHED: 2018-10-15
emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.
CVE-2018-18317
PUBLISHED: 2018-10-15
DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI.
CVE-2018-18296
PUBLISHED: 2018-10-15
MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action.
CVE-2018-18309
PUBLISHED: 2018-10-15
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service,...