In early 2024, the Russian nation-state actor Midnight Blizzard launched a sophisticated identity-based cyberattack against Microsoft, exposing the critical vulnerabilities tied to user credentials and authentication systems. This session delves into the anatomy of the attack, highlighting how adversaries exploited social engineering and compromised identities to gain unauthorized access.

We’ll explore Microsoft’s response, focusing on detecting and disrupting credential-based intrusions, mitigating lateral movement, and restoring operational integrity. This case study reveals the increasing role of identity as a primary target in modern cyber threats and underscores the importance of robust identity protection measures.

Join us to uncover lessons from this identity-centric attack, including best practices for implementing multi-factor authentication, strengthening identity governance, and leveraging advanced threat intelligence. Learn how to fortify your organization’s defenses against similar nation-state tactics and ensure that identity—a cornerstone of security—remains protected. This session is a must for anyone seeking to understand and combat the growing threat of identity-based cyberattacks.