Security News > 2020 > December > CrowdStrike releases free Azure security tool after failed hack
Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised by Microsoft Azure credentials.
While performing their investigation, CrowdStrike was told by Microsoft on December 15th that a compromised Microsoft Azure reseller's account was used to try and read CrowdStrike's emails.
"Specifically, they identified a reseller's Microsoft Azure account used for managing CrowdStrike's Microsoft Office licenses was observed making abnormal calls to Microsoft cloud APIs during a 17-hour period several months ago. There was an attempt to read email, which failed as confirmed by Microsoft. As part of our secure IT architecture, CrowdStrike does not use Office 365 email," CrowdStrike CTO Michael Sentonas disclosed.
CrowdStrike has stated that they do not know of any attribution or connection between their attempted hack and the attackers behind the SolarWinds attack.
To help administrators analyze their Microsoft Azure environment and see what privileges are assigned to third-party resellers and partners, CrowdStrike has released a free CrowdStrike Reporting Tool for Azure tool.