Storm-0558 is a China-based threat actor M365 Compromise

In this video, Andrew hosts a discussion with Chip Buck, CTO and co-founder of SaaS Alerts, and Chris Cochran, advisory CISO and chief evangelist at Huntress, about a significant cybersecurity incident involving Microsoft. They delve into the complexities of token harvesting, the implications for MSPs, and the importance of MFA and proactive security measures. The conversation also touches on the role of AI in threat detection and the evolving landscape of cloud security.

• The Backdoors and Breaches initiative offers hands-on training for handling cybersecurity incidents without sales pitches, emphasizing the importance of tabletop exercises.
• Microsoft’s recent cybersecurity breach involved Chinese cyber spies exploiting a flaw in the Microsoft cloud, underscoring the significance of robust security protocols.
• The introduction of advanced logging by Microsoft, starting in September, aims to provide better insights into security incidents, but requires proactive engagement from users to enable and utilize the data effectively.