Case Study: Adversaries Compromising Company stops Intune abuse in under one minute with Blackpoint Cyber

Blackpoint Stops Microsoft Intune Abuse In Under One Minute

The adversaries compromised a company faced the challenge of a threat actor who had abused its Microsoft 365 cloud environment to push malware, via a compromised Microsoft Intune policy, to its entire fleet of endpoint devices. Blackpoint Cyber's Security Operations Center (SOC) and its SNAP-Defense MDR technology detected this malicious activity, which stemmed from a previously compromised administrative account.

Blackpoint Cyber’s solution involved immediately isolating the infected device to prevent lateral movement in under one minute. The vendor then onboarded the customer to its Cloud Response add-on service, which detected and stopped 10 additional business email compromise attempts. This rapid response contained the threat and prevented further infection across the network.