The Cybersecurity and Infrastructure Security Agency (CISA) has discovered the occurrence of an advanced persistent threat in cloud environments after the event of a system compromise. CISA said Friday that it detected an APT actor that accessed cloud resources via compromised Microsoft 365 applications and additional credentials.
The agency now advises organizations to use CISA's Sparrow tool, CrowdStrike's Azure Reporting Tool and open-source utility Hawk to identify and address APT threats that may affect supply chains.
Concerned network administrators may view CISA's alert report on the matter for more countermeasures and information regarding the APT threats.