CISA beneficial that organizations instantly apply patches together with extra mitigations, which embody monitoring and reviewing Microsoft Entra audit logs, Entra sign-in, and unified audit logs, implementing a conditional entry coverage to restrict authentication inside single-tenant purposes, and rotating utility secrets and techniques and credentials on Commvault Metallic purposes.
Omri Weinberg, CEO at DoControl, connects the incident to a broader development. “Attackers are pivoting from endpoint and network-based assaults to exploiting over-permissioned SaaS environments and misconfigured cloud purposes,” Weinberg mentioned. “Safety groups must deal with SaaS with the identical rigor as conventional infrastructure – beginning with sturdy entry governance, steady monitoring of third-party app integrations, and limiting the blast radius by least privilege entry.”
Inside investigation didn’t reveal any unauthorized entry to buyer backup information that Commvault shops and protects, the corporate had mentioned in a press release in Might, including that it expects no materials impression on Commvault’s enterprise operations or its capacity to ship services and products.
