US CISA's new tool finds malicious activity in Microsoft cloud services

San Francisco, Mar 26 (IANS): US Cybersecurity & Infrastructure Security Agency (CISA) has released a new tool that allows detecting signs of hacking activity in Microsoft cloud services.

Developed in collaboration with Sandia, a US Department of Energy national laboratory, the new open-source incident tool called -- "Untitled Goose Tool" can dump telemetry information from Azure Active Directory, Microsoft Azure, and Microsoft 365 services, reports BleepingComputer.

"Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer's Azure Active Directory (AzureAD), Azure, and M365 environments," according to CISA.

"Untitled Goose Tool gathers additional telemetry from Microsoft Defender for Endpoint (MDE) and Defender for Internet of Things (IoT) (D4IoT)," it added.

This tool was created to help incident response teams by exporting cloud artefacts following an incident for environments that aren't ingesting logs into a Security Information and Events Management (SIEM) or other long-term log solution.

Moreover, CISA released an open-source tool dubbed 'Decider' earlier this month to assist defenders in generating MITRE ATT&CK mapping reports to alter their security posture based on adversaries' tactics and approaches, the report said.

Earlier this month, the Federal Bureau of Investigation (FBI) in the US warned that threat actors are now using fake rewards in so-called "play-to-earn" mobile and online games to steal millions worth of cryptocurrency.

They accomplish this through the use of custom-created gaming apps that promise massive financial rewards directly proportional to investments made to potential targets with whom they have previously established trust through lengthy online conversations.



Top Stories

Leave a Comment

Title: US CISA's new tool finds malicious activity in Microsoft cloud services

You have 2000 characters left.


Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will be held responsible.