The SolarWinds hackers used their access in many cases to infiltrate their victims’ Microsoft 365 email services and Microsoft Azure Cloud infrastructure—both treasure troves of potentially sensitive and valuable data. The challenge of preventing these types of intrusions into Microsoft 365 and Azure is that they don’t depend on specific vulnerabilities that can simply be patched.
Read full article on Wired – Threat Level