On this week's episode, Adam and Andy talk Storm-0558, the China-based actor, that compromised Exchange Online. They go through the attack chain and CISA's guidance on how you can better protect your organization going forword.
-------------------------------------------
Youtube Video Link: https://youtu.be/N7dRPCCU25A
-------------------------------------------
Documentation: https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a
https://learn.microsoft.com/en-us/compliance/assurance/assurance-audit-logging
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-premium?view=o365-worldwide
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-search?view=o365-worldwide
----------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
Twitch: https://www.twitch.tv/bluesecuritypod
-------------------------------------------
Andy Jaw
Mastodon: https://infosec.exchange/@ajawzero
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
-------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
--- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/messageYou Might Like
