The Latest Microsoft Midnight Blizzard Breach is a Wakeup Call for SaaS Security | allinfosecnews.com

c

Feb. 14, 2024, 9:38 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Valence. Microsoft recently published new guidance on the nation-state attack that they initially disclosed on January 19. According to Microsoft, the Russian state-sponsored threat actor Midnight Blizzard (also known as NOBELIUM or APT29) was able to leverage a test tenant account and a legacy OAuth application to gain access to corporate email accounts, including members of senior leadership, cybersecurity team, legal team, and others, and exfiltrated some emails and...

account actor apt29 attack blizzard breach call guidance january latest legacy microsoft midnight midnight blizzard nation nation-state attack nobelium russian saas saas security security sponsored state state-sponsored threat actor test threat threat actor valence

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl

How DSPM Can Help Solve Healthcare Cybersecurity Attacks 6 days ago | cloudsecurityalliance.org

access access controls article attacks +41

Cl

Considerations When Including AI Implementations in Penetration Testing 6 days ago | cloudsecurityalliance.org

application artificial artificial intelligence ask +15

Cl

Five Reasons Why Ransomware Still Reigns 6 days ago | cloudsecurityalliance.org

ben ciso consent cxo +15

Cl

DevSecOps Tools 6 days ago | cloudsecurityalliance.org

code code management development devops +18

Cl

Your Ultimate Guide to Security Frameworks 1 week ago | cloudsecurityalliance.org

breaches build business customers +13

Cl

The Future of Cloud Cybersecurity 1 week ago | cloudsecurityalliance.org

businesses ceo cloud cloud computing +15

Cl

AI Hallucinations: The Emerging Market for Insuring Against Generative AI's Costly Blunders 1 week ago | cloudsecurityalliance.org

ai governance ai hallucinations blog chair +16

Cl

Why Business Risk Should be Your Guiding North Star for Remediation 1 week ago | cloudsecurityalliance.org

adoption agile attack attack surface +19

Cl

Upselling Cybersecurity: Why Baseline Security Features Shouldn’t Be a Commodity 1 week ago | cloudsecurityalliance.org

accountability advisory barr advisory consulting +23

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai

View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto

View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States

View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom

View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States

View on infosec-jobs.com