Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

Other | 01/25/2021

This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations. AA20-352A primarily focuses on an advanced persistent threat {APT) actor's compromise of SolarWinds Orion products as an initial access vector into networks of U.S. Government agencies, critical infrastructure entities, and private network organizations. As noted in AA20-352A, the Cybersecurity and Infrastructure Security Agency {CISA) has evidence of initial access vectors in addition to the compromised SolarWinds Orion products.

To read more, please log in

This site is operated by NetDiligence®. Links found within this site may open a new browser window and take you outside the Sompo International's Cyber Risk Portal to another website, the contents of which are maintained by third parties over whom NetDiligence and Sompo International have no control. We provide links to these external sites for your convenience and awareness. We accept no responsibility for the content of linked sites. Upon request of the content source, we will remove links.

Learning Center Article

Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

Related Content

#StopRansomware: Phobos Ransomware

Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

Understanding Ransomware Threat Actors: LockBit

CISA Updates to Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

Featured

Deploying AI Systems Securely

Top Security Controls of 2024

Q1 2024 Data Breach Analysis

Secure by Design Alert Eliminating SQL Injection Vulnerabilities in Software

Deep Fakes Causing Real Harms: Time to Take Action

Key Incident Response Procedures Every IT Managed Service Provider Must Master

2023 BEC Spotlight Report

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns.