InfoSec News Nuggets 07/17/2023
Microsoft still unsure how hackers stole Azure AD signing key Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies. "The method by which the actor acquired the key is a matter of ongoing investigation," Microsoft admitted in a new advisory published today. The incident was reported by U.S. government officials after the discovery of unauthorized…