Jan 18 2022 10:27 AM
Destructive malware targeting Ukrainian organizations - Microsoft Security Blog
Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organizations to use the information in this post to proactively protect from any malicious activity.
While our investigation is continuing, MSTIC has not found any notable associations between this observed activity, tracked as DEV-0586, and other known activity groups. MSTIC assesses that the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.
May 22 2022 10:32 PM
@AshleyMartin Let do let me know good malware & phising policy which we can setup in O365, so we can removed the other email gateways from infra and only use to receive email (incoming) from O365.
We wants to get rid of the email gateway if O365 have that kind of policy.
Mailflow (Incoming) : Internet >>> email gateway >>>O365 (hybrid)