Storm-0558 - Attack on Exchange Online
Blue Security - En podcast af Andy Jaw & Adam Brewer - Tirsdage
Kategorier:
On this week's episode, Adam and Andy talk Storm-0558, the China-based actor, that compromised Exchange Online. They go through the attack chain and CISA's guidance on how you can better protect your organization going forword. ------------------------------------------- Youtube Video Link: https://youtu.be/N7dRPCCU25A ------------------------------------------- Documentation: https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/ https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/ https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a https://learn.microsoft.com/en-us/compliance/assurance/assurance-audit-logging https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-premium?view=o365-worldwide https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-search?view=o365-worldwide ---------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]
