The Cybersecurity and Infrastructure Security Agency (CISA) warns U.S. organizations to enhance security on Microsoft Intune following a significant breach at Stryker Corporation. Handala, the Iranian-linked group responsible, reportedly stole 50 terabytes of data and wiped nearly 80,000 devices using Intune's wipe command. CISA emphasizes a least-privilege approach for admin roles and multi-factor authentication to bolster defenses against similar attacks. "To defend against similar malicious cyber activity, CISA urges organizations to harden endpoint management system configurations," the agency states.