Microsoft says SolarWinds hackers seized an email system used by State Department's international aid agency to breach NGOs and organizations critical of Putin
Microsoft reported that it had detected the intrusion and that the same hackers behind the earlier SolarWinds attack were responsible.
New York Times
Related Coverage
- Another Nobelium Cyberattack Microsoft On the Issues · Tom Burt
- New sophisticated email-based attack from NOBELIUM Microsoft Security · Emma Jones
- View article BBC
- Microsoft says SolarWinds hackers have struck again at the US and other countries CNN
- Microsoft Announces New Campaign from NOBELIUM us-cert.cisa.gov
- SolarWinds hackers are back with a new mass campaign, Microsoft says Ars Technica · Dan Goodin
- SolarWinds attack group reportedly used fake Donald Trump claims in new email attack Windows Central · Sean Endicott
- View article PCMag
- View article CyberScoop
- View article Thurrott
- Microsoft Says Russian Hackers Behind SolarWinds Currently Attacking Targets in 24 Countries Gizmodo · Matt Novak
- View article Threatpost
- Microsoft: SolarWinds hackers target govt agencies from 24 countries BleepingComputer · Sergiu Gatlan
- Microsoft warns of ‘sophisticated’ Russian email attack targeting government agencies The Verge · Jon Porter
- Russia-linked SolarWinds hackers target email accounts used by State Department aid agency USA Today · Kim Hjelmgaard
- Microsoft: SolarWinds hackers target 150 orgs with phishing Associated Press
- Microsoft discovers new cyber attack by Russians on 150 government, NGO sites Brisbane Times · Kanishka Singh
- Russian hackers seized email system used by State Department aid agency, human rights groups The Hill · Jordan Williams
- View article Malwarebytes Labs
- View article HealthITSecurity
- Microsoft Warns Of Phishing Campaign Under Guise Of US-Based Development Organization International Business Times · Leah Yecla
- View article Security Boulevard
- Russian Hackers Resume U.S. Cyber Offensive, Microsoft Says Bloomberg · Jamie Tarabay
- Microsoft warns of current Nobelium phishing campaign impersonating USAID ZDNet · Chris Duckett
- View article The Hacker News
- Microsoft reveals new phishing campaign by SolarWinds hackers Engadget · Mariella Moon
- SolarWinds hackers are at it again, targeting 150 organizations, Microsoft warns NBC News · Phil Helsel
- Microsoft says the Russian group behind the SolarWinds hack is now targeting 150 government agencies, NGOs, and think tanks with a massive phishing email campaign Insider · Kate Duffy
- Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency The Register · Laura Dobberstein
- View article CyberNews
- USAID hit with cyberattack by Russian-backed group Nobelium: Microsoft FedScoop · Billy Mitchell
- Russian hackers launch major cyberattack through U.S. aid agency's email system, Microsoft says CNBC · Sam Shead
- Russian group behind SolarWinds spy campaign conduct new cyber attacks Financial Times · Hannah Murphy
- Microsoft Says SolarWinds Hackers Now Targeting Government Agencies & NGOs MUO · Gavin Phillips
- SolarWinds Hackers Impersonate U.S. Government Agency in New Attacks SecurityWeek · Eduard Kovacs
- Russian SolarWinds hackers launch new phishing campaign iTnews · Juha Saarinen
- Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery CyberScoop · Tim Starks
Discussion
-
@cglyer
Christopher Glyer
on x
There are so many layers to the latest phishing campaign from NOBELIUM. Let's start with the breadth “3,000 individual accounts across more than 150 organizations” And the techniques URL -> ISO (don't see that every day) -> LNK disguised as a folder -> Custom CS Beacon Loader htt…
-
@jsrailton
John Scott-Railton
on x
NEW: Russian gov-linked hackers seized a @ConstantContact account used by @USAID & targeted thousands with malware, like human rights groups critical of Putin. Great to see @msstic & @MsftSecIntel rapidly & publicly attributing this. https://www.microsoft.com/... https://twitter.…
-
@dnvolz
Dustin Volz
on x
Microsoft says hackers leveraged legit mass-mailing service Constant Contact in this campaign and that due to volume “automated email threat detection systems blocked most of the malicious emails and marked them as spam.” https://www.microsoft.com/...
-
@dnvolz
Dustin Volz
on x
Microsoft says in a security bulletin that the SolarWinds hackers are behind a new “wide-scale malicious email campaign” targeting 3,000 individual accounts across more than 150 organizations that used “unique infrastructure and tooling for each target.” https://www.microsoft.com…
-
@cristingoodwin
Cristin Goodwin
on x
Technical details on the #Nobelium #nationstate attack from our #MSTIC team here: https://www.microsoft.com/...
-
@natashabertrand
Natasha Bertrand
on x
“Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020...Nobelium launched this week's attacks by gaining access to the Constant Contact account of USAID.” https://blogs.microsoft.com/ ...
-
@marquardta
Alexander Marquardt
on x
What we know about the latest Russian hacks that used @USAID emails to target more than 150 organizations, including human rights and humanitarian orgs, @Microsoft says. The same SVR hackers that carried out the SolarWinds breach are being blamed. https://blogs.microsoft.com/ ...…
-
@lauferlaw
@lauferlaw
on x
How many times do I need to say we're at war with Russia. https://twitter.com/...
-
@drdenagrayson
@drdenagrayson
on x
New #sanctions aren't enough. The US and our allies must act boldly to put a stop to the continued cyberwarfare being waged by #Russia, #China, and other adversaries. Far past time to put our offensive cyber capabilities to work.😎 https://twitter.com/...
-
@virusbtn
Virus Bulletin
on x
Volexity researchers write about the same phishing email campaign as reported by Microsoft. They believe the APT29 threat actor is likely responsible for it. https://www.volexity.com/... https://twitter.com/...
-
@uscert_gov
Us-Cert
on x
Microsoft has released information on a widespread malicious email campaign carried out by a cyber actor they identify as NOBELIUM. See https://us-cert.cisa.gov/... #Cybersecurity #InfoSec
-
@peterjukes
Peter Jukes
on x
Russia Appears to Carry Out Hack Through System Used by U.S. Aid Agency - targeting NGOs and human rights activists https://www.nytimes.com/...
-
@bradsmi
Brad Smith
on x
This week the nation-state actor Nobelium launched cyberattacks targeting more than 150 organizations in at least 24 countries. These attacks are only escalating - gov'ts and the private sector must do more to address. https://blogs.microsoft.com/ ...