Midnight Blizzard, AnyDesk Breach & a $27 Million Ransomware Attack
The Monthly Threat Report by Hornetsecurity is a valuable resource that provides monthly insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space. For this episode, Andy is joined by Hornetsecurity’s CTO – Yvonne Bernard, for an in-depth analysis of major security breaches and ransomware attacks that occurred between January and February 2024.
From the Midnight Blizzard attack on Microsoft to a ransomware attack that cost Johnson Controls 27 million USD, our hosts explore what went wrong and provide expert recommendations from the Security Lab at Hornetsecurity on how to protect your business from similar threats.
Timestamps:
(3:20) – Email Threat Trends from January
(6:51) – What were the Most Targeted Industries for January?
(9:52) – What were the most impersonated brands in January?
(12:30) – A Discussion on the Midnight Blizzard attack on Microsoft
(22:38) – The Recent Breach of AnyDesk
(27:15) – $27 Million Cost of Ransomware attack on Johnson Controls
(32:34) – A C-Suite Look at Microsoft 365 Co-Pilot and the Danger of Misconfigured Permissions
Episode Resources:
Episode on Malicious OAuth Applications
Microsoft post on Midnight Blizzard Attack
Detailed Tactics Post from Microsoft on Midnight Blizzard Attack