Inside Cybersecurity

May 19, 2024

Daily News

CISA issues emergency directive to address email compromises by cyber actor Midnight Blizzard

By Sara Friedman / April 11, 2024

The Cybersecurity and Infrastructure Security Agency has publicly released an emergency directive urging federal agencies to take specific actions to mitigate a campaign from Russia-backed threat group Midnight Blizzard.

“Midnight Blizzard is using information initially exfiltrated from Microsoft corporate email systems, including authentication details shared between Microsoft customers and Microsoft by email, to gain, or attempt to gain, additional access to certain Microsoft customer systems. Microsoft and CISA have notified all federal agencies whose email correspondence with Microsoft was identified...

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.