U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft’s systems that led to the theft of email correspondence with the company.

The attack, which came to light earlier this year, has been attributed to a Russian nation-state group tracked as Midnight Blizzard (aka APT29 or Cozy Bear). Last month, Microsoft revealed that the adversary managed to access some of its source code repositories but noted that there is no evidence of a breach of customer-facing systems.

The emergency directive, which was originally issued privately to federal agencies on April 2, was first reported on by CyberScoop two days later.

“The threat actor is using information initially exfiltrated from the corporate email systems, including authentication details shared between Microsoft customers and Microsoft by email, to gain, or attempt to gain, additional access to Microsoft customer systems,” CISA said.

The agency said the theft of email correspondence between government entities and Microsoft poses severe risks, urging concerned parties to analyze the content of exfiltrated emails, reset compromised credentials, and take additional steps to ensure authentication tools for privileged Microsoft Azure accounts are secure.

It’s currently not clear how many federal agencies have had their email exchanges exfiltrated in the wake of the incident, although CISA said all of them have been notified.

The agency is also urging affected entities to perform a cybersecurity impact analysis by April 30, 2024, and provide a status update by May 1, 2024, 11:59 p.m. Other organizations that are impacted by the breach are advised to contact their respective Microsoft account team for any additional questions or follow-up.

“Regardless of direct impact, all organizations are strongly encouraged to apply stringent security measures, including strong passwords, multi-factor authentication (MFA) and prohibited sharing of unprotected sensitive information via unsecure channels,” CISA said.

The development comes as CISA released a new version of its malware analysis system, called Malware Next-Gen, that allows organizations to submit malware samples (anonymously or otherwise) and other suspicious artifacts for analysis.

Ravie Lakshmanan
