{"id":52996,"date":"2023-07-31T00:59:42","date_gmt":"2023-07-31T00:59:42","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/"},"modified":"2023-07-31T00:59:42","modified_gmt":"2023-07-31T00:59:42","slug":"us-senator-victim-blames-microsoft-for-chinese-hack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/","title":{"rendered":"US senator victim-blames Microsoft for Chinese hack"},"content":{"rendered":"<p><span class=\"label\">Infosec in brief<\/span> US senator Ron Wyden (D-OR) thinks it&#8217;s Microsoft&#8217;s fault that Chinese hackers broke into Exchange Online, and he wants three separate government agencies to launch investigations and &#8220;hold Microsoft responsible for its negligent cyber security practices.&#8221;&nbsp;<\/p>\n<p>In a <a href=\"https:\/\/www.wyden.senate.gov\/imo\/media\/doc\/wyden_letter_to_cisa_doj_ftc_re_2023_microsoft_breach.pdf\" rel=\"nofollow\">letter<\/a> [PDF] sent to the Department of Justice, Cybersecurity and Infrastructure Security Agency and the Federal Trade Commission Thursday, Wyden argued that Microsoft enabled the attack through four distinct security failures.<\/p>\n<p>The Chinese hack of Microsoft&#8217;s hosted email service, you may recall, occurred because suspected Chinese hackers were able to <a href=\"https:\/\/www.theregister.com\/2023\/07\/13\/microsoft_alleges_china_behind_espionagefocused\/\">steal an encryption key<\/a> used for Microsoft account (MSA) services.&nbsp;&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Wyden asserts that Microsoft failed its customers by employing just a single encryption key with the power to forge access to customer accounts \u2013 including those belonging to US government agencies. He also says Microsoft was negligent in not storing high-value encryption keys in a hardware security module, and is concerned that security audits, both internal and external, failed to find security weaknesses that enabled the hack.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Most egregiously, the stolen security key had expired in 2021 yet was still usable, Wyden charged in the letter. &#8220;Authentication tokens signed by an expired key should never have been accepted as valid,&#8221; the senator fumed.<\/p>\n<p>Wyden also laid some blame for the China-linked attack on Microsoft at the feet of the Biden administration, which he said didn&#8217;t appropriately study the SolarWinds hack. Such an effort, he said, could have prevented this latest mess.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Wyden wants CISA to spin up a review board to investigate the hack, and thinks the DoJ should use civil enforcement tools to determine whether Microsoft may have violated federal contract law through its negligence. Wyden also asked the FTC to figure out whether Microsoft violated any of its regulations, and whether the hack puts Microsoft in danger of violating a 2002 consent decree it has with the FTC over security <a href=\"https:\/\/www.theregister.com\/2002\/08\/08\/microsoft_squares_ftc_over_passport\/\">failures<\/a> in its Passport web service.<\/p>\n<p>None of what Wyden calls for in the letter is binding.<\/p>\n<h3 class=\"crosshead\">Don&#8217;t forget: Nation-state hacking isn&#8217;t a one-way street<\/h3>\n<p>Just in case you thought it was just Chinese hackers hitting US targets, or Russians DDoSing Ukraine, Chinese officials want you to know that the US hacks them, too.<\/p>\n<p>According to Chinese state-run news sources, the Wuhan Earthquake Monitoring Center was &#8220;subjected to a cyber attack by an overseas organization&#8221; that Chinese officials have preliminarily identified as the US National Security Agency&#8217;s office of Tailored Access Operations. NSA TAO hackers, say Chinese officials, loaded Trojan software into the WEMC&#8217;s systems enabling them to snoop on data collected by the organization.<\/p>\n<p>An unnamed expert who spoke to Chinese outlet <em>The Global Times<\/em> <a href=\"https:\/\/www.globaltimes.cn\/page\/202307\/1295064.shtml\" rel=\"nofollow\">claimed<\/a> that such data could be used to infer the location of underground military bases and other subterranean features, and as such is a national security matter.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>This isn&#8217;t the first time the NSA&#8217;s TAO office has been accused by Chinese officials of cyber attacks. In June of last year, <a href=\"https:\/\/www.theregister.com\/2022\/09\/07\/china_accuses_usa_nsa_cyberattack\/\">NSA hackers allegedly attacked<\/a> the Northwestern Polytechnical University in Xi&#8217;an, allegedly exfiltrating data and hijacking thousands of devices. The University is known to conduct aerospace research for the Chinese government.<\/p>\n<div class=\"boxout\" readability=\"34.020408163265\">\n<h3 class=\"crosshead\">Critical vulnerabilities: Time-to-update-Ubuntu edition<\/h3>\n<p>This week&#8217;s critical vulnerabilities are led by a pair of CVEs identified in the Ubuntu OverlayFS module \u2013 a popular Linux overlay filesystem.&nbsp;<\/p>\n<p>Dubbed &#8220;GameOver(lay)&#8221; by the researchers from cloud security firm Wiz that discovered it, the <a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-32629\" rel=\"nofollow\">pair<\/a> of <a href=\"https:\/\/ubuntu.com\/security\/CVE-2023-2640\" rel=\"nofollow\">vulnerabilities<\/a> stem from previous modifications made by Ubuntu to OverlayFS that could allow an attacker to use a specially crafted executable to escalate to root privileges on affected machines.<\/p>\n<p><a href=\"https:\/\/www.wiz.io\/blog\/ubuntu-overlayfs-vulnerability\" rel=\"nofollow\">Multiple<\/a> recent Ubuntu kernels are affected, but patches are available. If patching isn&#8217;t immediately possible, Ubuntu suggests disabling the ability for unprivileged users to create namespaces.<\/p>\n<p>Several critical ICS vulnerabilities were identified this week, too:<\/p>\n<ul>\n<li>CVSS 9.8 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-208-03\" rel=\"nofollow\">CVE-2023-3346<\/a>: A whole bunch of Mitsubishi Electric CNC machines are vulnerable to a classic buffer overflow that could allow an attacker to execute malicious code on vulnerable machines.<\/li>\n<li>CVSS 9.4 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-206-03\" rel=\"nofollow\">CVE-2023-1935<\/a>: Several models of Emerson ROC800 series remote terminal units are vulnerable to authentication bypass.<\/li>\n<li>CVSS 8.3 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-206-04\" rel=\"nofollow\">CVE-2023-3548<\/a>: Johnson Controls&#8217; IQ Wifi 6 AP firmware prior to versions 2.0.2 doesn&#8217;t properly restrict excessive login attempts, which can allow brute force attacks.<\/li>\n<\/ul>\n<p>As for known exploits, researchers from VulnCheck are reporting that <a href=\"https:\/\/vulncheck.com\/blog\/mikrotik-foisted-revisited\" rel=\"nofollow\">more than 900,000<\/a> of the most recent MikroTik RouterOS long-term systems are still vulnerable to <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-30799\" rel=\"nofollow\">CVE-2023-30799<\/a>, a privilege escalation exploit.&nbsp;<\/p>\n<p>Despite the CVE being new, MikroTik has reportedly known about the issue since late last year when it patched the issue in RouterOS stable. The patch never made it to RouterOS long-term, however, so if you&#8217;re running MikroTik routers with that OS flavor, get patching.<\/p>\n<\/div>\n<h3 class=\"crosshead\">BreachForums users: Have you been pwned?<\/h3>\n<p>Users of the notorious hacking forum BreachForums, which was <a href=\"https:\/\/www.theregister.com\/2023\/03\/22\/breachforums_shut_down\/\">shut down<\/a> in March of this year after its <a href=\"https:\/\/www.theregister.com\/2023\/03\/20\/in_brief_security\/\">founder was arrested<\/a>, may want to start worrying \u2013 it appears their information is for sale online.<\/p>\n<p>That&#8217;s according to data breach notification site <em>Have I Been Pwned<\/em>, which on Wednesday <a href=\"https:\/\/haveibeenpwned.com\/PwnedWebsites#BreachForums\" rel=\"nofollow\">added<\/a> data belonging to 212,156 BreachForums users to its database of compromised credentials. Included in the hack were email addresses, IP addresses, passwords, usernames and \u2013 most worrying of all for users \u2013 private messages exchanged between hackers on the site.<\/p>\n<p>According to <em>Have I Been Pwned<\/em>, BreachForums was breached in November 2022, and the data was provided by a source who only referred to themselves as &#8220;breached_db_person.&#8221;&nbsp;<\/p>\n<p>Data from the original BreachForums joins data stolen from a BreachForum clone that appeared in June, which was <a href=\"https:\/\/www.hackread.com\/breachforums-data-breach-members-data-leak\/\" rel=\"nofollow\">compromised<\/a> within days due to an exposed database backup that included user data and password hashes.&nbsp;&nbsp;\u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/07\/31\/infosec_in_brief\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ALSO: China says US hacked it right back, BreachForums users have been pwned, and this week&#8217;s critical vulns Infosec in brief\u00a0 US senator Ron Wyden (D-OR) thinks it&#8217;s Microsoft&#8217;s fault that Chinese hackers broke into Exchange Online, and he wants three separate government agencies to launch investigations and &#8220;hold Microsoft responsible for its negligent cyber security practices.&#8221;\u00a0\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-52996","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>US senator victim-blames Microsoft for Chinese hack 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"US senator victim-blames Microsoft for Chinese hack 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-31T00:59:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"US senator victim-blames Microsoft for Chinese hack\",\"datePublished\":\"2023-07-31T00:59:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/\"},\"wordCount\":960,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/\",\"name\":\"US senator victim-blames Microsoft for Chinese hack 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2023-07-31T00:59:42+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-senator-victim-blames-microsoft-for-chinese-hack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"US senator victim-blames Microsoft for Chinese hack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"US senator victim-blames Microsoft for Chinese hack 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/","og_locale":"en_US","og_type":"article","og_title":"US senator victim-blames Microsoft for Chinese hack 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-31T00:59:42+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"US senator victim-blames Microsoft for Chinese hack","datePublished":"2023-07-31T00:59:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/"},"wordCount":960,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/","url":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/","name":"US senator victim-blames Microsoft for Chinese hack 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2023-07-31T00:59:42+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZMcPMj2Y8oWWy3zBrwS28AAAAEE&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/us-senator-victim-blames-microsoft-for-chinese-hack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"US senator victim-blames Microsoft for Chinese hack"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52996","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52996"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52996\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52996"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52996"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52996"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}