By Jessica Lyons
Publication Date: 2026-03-19 16:00:00
The US government has urged companies to better secure Microsoft Intune, an endpoint management tool that was abused in last week’s cyberattack against med-tech firm Stryker.
Handala, a group linked to Iran’s intelligence agency, claimed responsibility for the attack, which knocked some of the surgical equipment maker’s networks offline and continues to affect shipping and ordering systems.
Stryker has publicly said the attack affected its Microsoft environment, and a source familiar with the investigation confirmed to The Register that the attackers wiped employees’ devices using Intune.
Microsoft to date has declined to comment.
In a Wednesday security alert, the…