Storm-2949 abused Microsoft Entra ID accounts to steal Microsoft 365 and Azure data
VPN Central [Unofficial]
May 21, 2026
Microsoft says a threat actor tracked as Storm-2949 turned compromised Microsoft Entra ID accounts into a wider cloud breach that hit Microsoft 365 data, Azure resources, and production environments. The attackers did not rely on traditional malware at the start of the campaign. Instead, they used social engineering, Microsoft’s Self-Service Password Reset flow, legitimate cloud […]