CISA recommended that organizations apply patch with additional mitigations immediately, including Microsoft Entra Audit Log, Entra Sign-in, and Integrated Audit Log Monitoring and Recall and Review, which applies a conditional access policy to limit the auto-boundary applications, and applies a conditional access policy to limit the authentication within single-class applications, and the applications on the commentary applications. Rotates mystery and credentials.
Omri Venberg, CEO of Docontrol, connects the incident to a widespread trend. Venberg said, “Attackers are pivying with endpoints and network-based attacks, which do the mother-in-law and cloud app to call the application wrong.” “Security teams need to treat mother-in-law with the same rigidity as a traditional infrastructure-starting with strong access regime, continuous monitoring of third-party app integration, and limiting the blast radius through minimal privilege access.”
The internal investigation did not reveal any unauthorized access to customer backup data, which stores and safety, the company said in a statement in May, saying that it has no physical impact on Comvolt’s commercial operations or ability to distribute products and services.
