Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.
Russia-backed hackers used Microsoft Teams to breach government agencies | TechCrunch
Russian state-sponsored hackers posed as technical support staff on Microsoft Teams to compromise dozens of global organizations, including government agencies.
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments.
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments.
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments.