all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Securing Your Microsoft Environment After the Midnight Blizzard Attack

Add to bookmarks
c
Feb. 16, 2024, 12:28 a.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Reco. Written by Oz Wasserman. IntroductionThe attack on Microsoft's SaaS-based Entra environment by Midnight Blizzard (aka Nobelium, Cozy Bear or APT29) was notably one of the most sophisticated attacks seen on similar platforms. This incident, spanning from November 2023 to January 2024, targeted Microsoft's corporate email through a vulnerable Entra test tenant. The lack of Multi-Factor Authentication (MFA) was a key weakness that allowed the attackers unparalleled ...

apt29 attack attacks bear blizzard corporate corporate email cozy bear email entra environment incident january january 2024 microsoft midnight midnight blizzard nobelium november november 2023 platforms reco saas spanning written

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Navigating the Cloud – Beyond “Best Practices” 22 hours ago | cloudsecurityalliance.org
architectures best practices beyond businesses +17
Cl
Defining Cloud Key Management: 7 Essential Terms 6 days, 13 hours ago | cloudsecurityalliance.org
access access control breaches cloud +26
Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 6 days, 23 hours ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 1 week ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 1 week ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 1 week ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Livin' on the Edge: Linux's Impact on Computing 1 week ago | cloudsecurityalliance.org
attitudes automox changing ciso +16
Cl
Your Ultimate Guide to Security Frameworks 1 week, 1 day ago | cloudsecurityalliance.org
breaches build business customers +13
Cl
The Future of Cloud Cybersecurity 1 week, 1 day ago | cloudsecurityalliance.org
businesses ceo cloud cloud computing +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

EY- GDS- Cybersecurity- Staff

@ EY | Miguel Hidalgo, MX, 11520
View on infosec-jobs.com

Staff Security Operations Engineer

@ Workiva | Ames
View on infosec-jobs.com

Public Relations Senior Account Executive (B2B Tech/Cybersecurity/Enterprise)

@ Highwire Public Relations | Los Angeles, CA
View on infosec-jobs.com

Airbus Canada - Responsable Cyber sécurité produit / Product Cyber Security Responsible

@ Airbus | Mirabel
View on infosec-jobs.com

Investigations (OSINT) Manager

@ Logically | India
View on infosec-jobs.com

Security Engineer I, Offensive Security Penetration Testing

@ Amazon.com | US, NY, Virtual Location - New York
View on infosec-jobs.com
View more jobs