The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security warning for Microsoft’s Intune device management tool. This advisory follows a March 11 cyberattack on medical technology firm Stryker Corp.
The breach disrupted Stryker’s manufacturing and shipping operations. These disruptions forced the company to delay some patient surgeries.
Threat actors gained control of Stryker’s Intune environment to remotely wipe employee devices. CISA now urges organizations to implement Microsoft’s best practices, including multi-factor authentication and the principle of least privilege.