Moscow compromises USAID Constant Contact account. Beijing continues to exploit PulseVPN vulnerabilities. Ransomware updates.
Attacks, Threats, and Vulnerabilities
Russia Appears to Carry Out Hack Through System Used by U.S. Aid Agency (NYTimes) Microsoft reported that it had detected the intrusion and that the same hackers behind the earlier SolarWinds attack were responsible.
Microsoft says group behind SolarWinds hack now targeting government agencies, NGOs (Reuters) The group behind the SolarWinds (SWI.N) cyber attack identified late last year is now targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft Corp (MSFT.O) said on Thursday.
Russian hackers launch major cyberattack through U.S. aid agency’s email system, Microsoft says (CNBC) The Russian hackers thought to be behind the catastrophic SolarWinds attack last year have launched another major cyberattack, Microsoft warned.
Russia-linked SolarWinds hackers target email accounts used by State Department aid agency (USA TODAY) Hackers with suspected ties to Moscow launch new assaults on email accounts used by the State Department’s international aid agency, Microsoft says.
Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery (CyberScoop) It looks like the Russian government-linked hacking group Cozy Bear is back in the election trickery business. The security firm Volexity publicized a spearphishing campaign on Thursday that it identified only days ago, a scheme that uses an election fraud document as a lure.
Microsoft: SolarWinds hackers target 150 orgs with phishing (The Independent) Microsoft says the state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on U.S. and foreign government agencies and think tanks this week
Another Nobelium Cyberattack (Microsoft On the Issues) This week, Microsoft observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants and non-governmental organizations. These attacks appear to be a continuation of Nobelium’s intelligence gathering efforts.
Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns (Volexity) On May 25, 2021, Volexity identified a phishing campaign targeting multiple organizations based in the…