EP 46 - Behind the Data Breach: Dissecting Cozy Bear's Microsoft Attack

02/15/24 • 31 min

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard. From the initial password spray technique to the exploitation of OAuth applications, listeners are taken on a journey through the breach's timeline – and learn how, ultimately, it all boils down to identity. The discussion touches upon the nuances of threat actor nomenclature, the significance of various bear-themed aliases and the professional nature of state-sponsored cyber espionage groups. Throughout the episode, practical insights and cybersecurity best practices are shared, offering organizations valuable strategies to bolster their defenses against evolving cyber threats. For a comprehensive analysis of the APT29 Microsoft data breach and detailed recommendations for improving cybersecurity posture, check out the accompanying blog post written by Andy Thompson.

Previous Episode

EP 45 - OT Security's Digital Makeover

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape. From addressing security challenges in manufacturing plants to the skills gap in OT cybersecurity, the episode provides an overview of the current state and future prospects of securing critical infrastructure. Holcomb also emphasizes the importance of identity in OT security and offers practical advice for organizations looking to enhance their cybersecurity posture. Check out the episode to explore the dynamic intersection of IT and OT – and how it spotlights the urgent need for robust cybersecurity measures in an evolving digital landscape.

Next Episode

EP 47 - Digital Trust and the Identity Cornerstone

In this episode of Trust Issues, Jan Vanhaecht, the Global Digital Identity Leader at Deloitte Belgium, delves into the intricate realms of digital trust and risk management with host David Puner. The discussion covers topics ranging from the impact of regulations on cybersecurity practices to the pivotal role of identity in building a robust security culture. Unpacking the nuances of digital trust maturity, the episode explores how organizations can navigate the delicate balance between risk and reward. From the emergence of passwordless authentication to the practical applications of Zero Trust principles, the conversation provides valuable perspectives on safeguarding digital landscapes. Join us as we unravel the complexities of cybersecurity and discover how it intertwines with innovation, compliance and the pursuit of trust in the digital age.