all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Power of Audit Logs: Critical Lessons from the Recent Storm-0558 Threat

Add to bookmarks
c
Aug. 23, 2023, 5:28 a.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Obsidian Security on July 25, 2023. Earlier this month, Microsoft and CISA reported the discovery of a recent advanced persistent threat (APT), Storm-0558, which gained access to Exchange and harvested corporate emails. The threat actor group responsible managed to gain access to exchange data via Outlook Web Access (OWA) API, using an access token obtained by exploiting vulnerabilities in the Microsoft ecosystem related to token exchange and signature validation. They...

access actor advanced advanced persistent threat apt audit cisa corporate critical data discovery emails exchange july logs managed microsoft obsidian obsidian security persistent persistent threat power responsible security storm storm-0558 threat threat actor

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
CISOs, AI, and OT: A Balancing Act Between Innovation and Protection 22 hours ago | cloudsecurityalliance.org
act balancing act ben ciso +19
Cl
Microsoft Copilot for Security: Everything You Need to Know 1 day, 17 hours ago | cloudsecurityalliance.org
ai-powered copilot copilot for security cybersecurity +17
Cl
Navigating the Cloud – Beyond “Best Practices” 3 days ago | cloudsecurityalliance.org
architectures best practices beyond businesses +17
Cl
Defining Cloud Key Management: 7 Essential Terms 1 week, 1 day ago | cloudsecurityalliance.org
access access control breaches cloud +26
Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 1 week, 2 days ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 1 week, 2 days ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 1 week, 2 days ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 1 week, 2 days ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Post-Quantum Preparedness 1 week, 2 days ago | cloudsecurityalliance.org
availability change code computers +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs