Microsoft Intune

All articles tagged with #microsoft intune

CISA Warns on Intune Risks After Stryker Breach, Calls for Tighter Controls
technology, 21 days ago

After Stryker’s March 11 breach targeting its Microsoft environment, CISA issued an urgent advisory urging organizations to harden endpoint-management configurations and adopt Microsoft’s new Intune security best practices. The alert notes attackers abusing legitimate endpoint-management tools to gain privileged access and move laterally. Key mitigations include implementing least-privilege RBAC, phishing-resistant MFA with Entra ID and Conditional Access, reviewing Privileged Identity Management for just-in-time access, enabling Multi-Admin Approval for sensitive operations, and aligning with Zero Trust principles across Intune and connected Microsoft services.

Stryker breach spotlights risk of weaponized device-management tools
technology, 25 days ago

A March 2026 Stryker cyberattack allegedly used Microsoft Intune to remotely wipe thousands of devices, with Iran-linked Handala claiming credit and up to 50 terabytes of data stolen. Researchers say the attack leveraged living-off-the-land techniques rather than a flaw in Intune, highlighting how MDM/UEM platforms can be abused. MFA and multi-account approvals for destructive actions are advised as Stryker works with forensic experts and CISA investigates the incident.

Iran-Linked Wiper Wave Targets Global Networks via Identity Attacks
technology, 29 days ago

Unit 42 warns of a rising risk of wiper attacks tied to the Iran conflict, led by Handala Hack (aka Void Manticore) using phishing and compromised admin access via Microsoft Intune to disrupt networks in Israel and the US; Israel's National Cyber Directorate reports cases where attackers used legitimate credentials to delete servers. The advisory outlines zero trust privileged access, Just-In-Time admin rights, MFA, break-glass accounts, PIM/PAM, MAA, RBAC with Intune Admin roles, and Group-based PIM; plus shorter session lifetimes, token protection, DSPM/DLP, MDR/XDR monitoring, offline immutable backups, and ongoing phishing training. If compromised, contact incident response teams.

Stryker Faces Uncertain Recovery Timeline After Global Cyberattack
business, 29 days ago

Stryker disclosed a global cyberattack that disrupted its Microsoft environment and wiped devices via Intune, affecting about 5,500 employees across several regions; while restoration efforts are ongoing, the full timeline and potential financial impact remain unclear, with security researchers pointing to Handala/IRGC-linked APT34 activity though Microsoft has not commented.

cybersecurity, 1 month ago

Iranian-Hacked Wiper Hit Stryker, Triggering Healthcare Supply Chain Fears

An Iran-linked hacktivist group, Handala, claimed a mass data-wiping attack on medical-tech company Stryker, saying 200,000 devices across 79 countries were wiped and offices shut, reportedly using a remote wipe via Microsoft Intune; Irish reports say about 5,000 staff were sent home and devices wiped, raising concerns about healthcare supply chains, though the American Hospital Association says there are no confirmed direct hospital disruptions yet as investigations continue.