Microsoft has transitioned the Microsoft Account signing service to Azure confidential virtual machines and is migrating the Entra ID signing service. This move follows improvements made to Microsoft Entra ID to enhance token security, including using an Azure Managed Hardware Security Module. These updates respond to vulnerabilities exploited in the 2023 Storm-0558 attack. The company reported high adoption of multifactor authentication and mentioned ongoing efforts to bolster security through a dedicated project for customer support workflows, all under its broader Secure Future Initiative, aimed at fortifying cybersecurity measures.
To reduce the risk of lateral movement, we are piloting a project to move customer support workflows and scenarios into a dedicated tenant.
Each of these improvements helps mitigate the attack vectors that we suspect the actor used in the 2023 Storm-0558 attack on Microsoft.
Collection
[
|
...
]