Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

SUMMARY In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA), and Microsoft determined that advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data. CISA and

Related Keywords

China , ,Infrastructure Security Agency ,Office Of Management ,Bureau Of Investigation ,Microsoft ,Exchange Online ,Exchange Online Outlook ,Microsoft Exchange Online ,Operations Center ,Microsoft Security Response Center ,Federal Civilian Executive Branch ,Federal Bureau ,Cybersecurity Advisory ,Updated July ,Exchange Online Microsoft ,Viable Secure Configuration Baselines ,Cloud Business Applications ,Purview Audit ,Assigning Microsoft ,Audit Logging ,Reference Architecture ,Security Response Center ,