"CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat"
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 24-02 in response to a recent campaign by the Russian state-sponsored cyber actor "Midnight Blizzard." The actor targeted Microsoft corporate email accounts, potentially accessing messages sent to Federal Civilian Executive Branch (FCEB) agencies. The Directive requires agencies to investigate potentially impacted emails, reset any compromised credentials, and take further action to protect privileged Microsoft Azure accounts. Midnight Blizzard is using information initially stolen from Microsoft corporate email systems to gain, or attempt to gain, further access to certain Microsoft customer systems. This article continues to discuss the Directive issued by CISA in response to a recent Midnight Blizzard campaign.
Submitted by grigby1