Microsoft confirmed last week that attackers were able to view some of its source code, which it found during an ongoing investigation of the SolarWinds breach. While its threat-modeling approach mitigates the risk of viewing code, many questions remain that could determine the severity of this attack.
In a blog post published on Dec. 31, 2020, officials said Microsoft has not found evidence of access to production services or customer data, nor has it discovered that its systems were used to attack other companies. The company has not found indications of common tactics, techniques, and procedures (TTPs) linked to abuse of forged SAML tokens against its corporate domains.
It did find an internal account had been used to view source code in “a number of code repositories,” according to the blog post, from the Microsoft Security Response…