Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

| 01/25/2021

This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations. AA20-352A primarily focuses on an advanced persistent threat {APT) actor's compromise of SolarWinds Orion products as an initial access vector into networks of U.S. Government agencies, critical infrastructure entities, and private network organizations. As noted in AA20-352A, the Cybersecurity and Infrastructure Security Agency {CISA) has evidence of initial access vectors in addition to the compromised SolarWinds Orion products.

To read more, please log in

Junto Plus
Junto Plus
From SolarWinds to Microsoft Exchange to phishing emails, businesses, governments, and ordinary people, no one is a stranger to cyber attacks these days. This is especially true considering statistics show a ransomware attack occurred every 10 seconds in 2020. Unfortunately, these attacks are continuing with no end in sight, even with the latest cyber attack prevention tools and procedures in place.
09/15/21 | Junto Plus