Subj : The US government wants to help you spot flaws in Microsoft cloud
To   : All
From : TechnologyDaily
Date : Fri Mar 24 2023 14:15:03

The US government wants to help you spot flaws in Microsoft cloud services

Date:
Fri, 24 Mar 2023 14:05:43 +0000

Description:
"Untitled Goose Tool" from CISA looks to help spot flaws before they become 
more serious.

FULL STORY
======================================================================

The US government has built an open source tool to help security teams spot 
flaws in Microsoft cloud services easier. 

Built by the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and 
the U.S. Department of Energy national laboratory, Sandia, the Untitled Goose 
Tool works by harvesting telemetry data from Azure Active Directory, 
Microsoft Azure, and Microsoft 365 . 

"Untitled Goose Tool is a robust and flexible hunt and incident response tool 
that adds novel authentication and data gathering methods in order to run a 
full investigation against a customer's Azure Active Directory (AzureAD), 
Azure, and M365 environments," CISA says. "Untitled Goose Tool gathers 
additional telemetry from Microsoft Defender for Endpoint (MDE) and Defender 
for Internet of Things (IoT) (D4IoT)." CISA efforts 

There is a number of things Untitled Goose Tool can do, including exporting 
and reviewing sign-in and audit logs from Azure Active Directory, unified 
audit logs from Microsoft 365, activity logs from Azure, alerts from 
Microsoft Defender for IoT, and data from Microsoft Defender for Endpoint. 

The full set of the tools capabilities can be found on this link . 

This is not the first tool of its kind to be released by CISA, as earlier 
this month the organization published Decider, another open source tool that 
helps IT teams generate MITRE ATT&CK mapping reports. And before that, the 
organization published a best practives guide about MITRE mapping, as well. 
Read more 

> Check out the best cloud hosting providers today 


 > CISA is worried that critical infrastructure is vulnerable to ransomware 
attacks 


 > CISA says hackers had access to federal agency for months 

Ever since ransomware operators hit the countrys critical infrastructure a 
few times, the U.S. government has been hard at work trying to defend against 
these malicious players. In 2023, CISA started proactively warning 
infrastructure organizations when they have internet-exposed endpoints that 
are vulnerable to ransomware attacks. 

"Using this proactive cyber defense capability, CISA has notified more than 
60 entities of early-stage ransomware intrusions since January 2023, 
including critical infrastructure organizations in the Energy, Healthcare and 
Public Health, Water and Wastewater Systems sectors, as well as the education 
community," the company said. These are the best firewalls right now 

Via: BleepingComputer



======================================================================
Link to news story:
https://www.techradar.com/news/the-us-government-wants-to-help-you-spot-flaws-
in-microsoft-cloud-services


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.