

Microsoft has published the first report delivered by its Detection and Response Team (DART). In the report, the company points to an incident involving a major customer that saw six separate threat actors attack its network at the same time. Among the attackers was a hacking group with state backing that had been stealing email and data for 245 consecutive days. DART says the attack was an advanced persistent threat (APT) campaign. The hacking group stole admin credentials and entered the network of an unnamed customer.

Microsoft first announced the Detection and Response Team a year ago. The company will publish sporadic reports detailing DART's work to better protect enterprise users. Redmond says the reports will help to keep customers on their toes when combatting cyberthreats.

Its first report says the customer hit by six simultaneous attacks was not using multi-factor authentication (MFA). Had it been in place, MFA would have thwarted the state-sponsored hacking group and protected sensitive data and emails. The customer sought Microsoft's help when it was unable to remove the APT attack from its network. DART intervened when the attack had been ongoing for 243 days. On the day the Detection and Response Team arrived, the attacker was removed.
