Today, CISA publicly issued Emergency Directive (ED) 24-02 to address the recent campaign by Russian state-sponsored cyber actor Midnight Blizzard to exfiltrate email correspondence of Federal Civilian Executive Branch (FCEB) agencies through a successful compromise of Microsoft corporate email accounts. This Directive rhttps://www.cisa.gov/news-events/directives/ed-24-02-mitigating-significant-risk-nation-state-compromise-microsoft-corporate-email-systemequires agencies to analyze the content of exfiltrated emails, reset compromised credentials, and take additional steps to secure privileged Microsoft Azure accounts.

While ED 24-02 requirements only apply to FCEB agencies, other organizations may also have been impacted by the exfiltration of Microsoft corporate email and are encouraged to contact their respective Microsoft account team for any additional questions or follow up. FCEB agencies and state and local government should utilize the distro MBFedResponse@Microsoft.com for any escalations and assistance with Microsoft. Regardless of direct impact, all organizations are strongly encouraged to apply stringent security measures, including strong passwords, multifactor authentication (MFA) and prohibited sharing of unprotected sensitive information via unsecure channels.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

CISA Releases One Industrial Control Systems Advisory

February 22, 2024 0 Comments 0 tags

CISA released one Industrial Control Systems (ICS) advisory on February 22, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-053-01 Delta Electronics CNCSoft-B

Friday Squid Blogging: Illex Squid and Climate Change

February 23, 2024 0 Comments 0 tags

There are correlations between the populations of the Illex Argentines squid and water temperatures. As usual, you can also use this squid post to talk about the security stories in

LLM Prompt Injection Worm

March 4, 2024 0 Comments 0 tags

Researchers have demonstrated a worm that spreads through prompt injection. Details: In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the