Microsoft’s threat intelligence blog warns organizations about the evolving tactics of Storm-0501, a group that targets hybrid cloud environments. Active since 2021, the group gains initial access to on-prem environments before pivoting to the cloud, using stolen credentials for persistent access. Storm-0501 has recently deployed Embargo’s ransomware; it exploits over-privileged accounts and often implants backdoors, posing significant risks to cloud security.

Legacy kit behind vast majority of cyber attacks on utilities
With equipment and software poorly suited to withstand modern cyber threats, organizations need to do more to identify unmanaged or vulnerable systems


