CISA - the Cybersecurity & Infrastructure Security Agency - has released a very useful tool to help IT personnel detect malicious activity in an Azure/Microsoft 365 environment. EXP consultants can now run this tool against our clients cloud tenants at Microsoft and potentially identify accounts that have been compromised in the past. Identity and authentication-based attacks continue to be the number one threat that we are seeing amongst our clients - typically initiated by phishing emails that harvest credentials by providing a fake Microsoft login page. Below is a link to the CISA notice:
Click here to see the CISA notice
Contact Tony Lesirge to learn more.
