Midnight Blizzard
Safeguard articles tagged "Midnight Blizzard" — guides, analysis, and best practices for software supply chain and application security.
5 articles
APT29 Cloud Supply Chain Tradecraft 2025
APT29's 2024-2025 cloud-native tradecraft — from Midnight Blizzard's Microsoft intrusion to the Teams phishing pivots — shows how SVR targets identity as supply chain.
Microsoft Midnight Blizzard Source Code Theft 2024
Midnight Blizzard moved from email exfiltration to Microsoft source code repositories. The pivot from stolen OAuth tokens to code access is the supply chain lesson.
Microsoft Midnight Blizzard: Detailed Timeline
A reconstructed public timeline of Microsoft's Midnight Blizzard intrusion, from the initial password spray in November 2023 through the source code and federal agency disclosures.
Midnight Blizzard and the Microsoft Email Breach
Russia's SVR-linked Midnight Blizzard sat inside Microsoft's corporate email for weeks. Here is what the January 2024 disclosure revealed about identity supply chains.
Midnight Blizzard Breaches Microsoft: What the Exchange Online Attack Means for Everyone
Russian state actors compromised Microsoft executive email accounts through a password spray attack on a legacy test tenant. The breach exposed how identity misconfigurations cascade.