Microsoft: hackers behind SolarWinds recently breached State Dept. aid agency to send emails with malicious code to 150 orgs, including NGOs critical of Putin
Microsoft reported that it had detected the intrusion and that the same hackers behind the earlier SolarWinds attack were responsible.
New York Times
Related Coverage
- Microsoft says SolarWinds hackers have struck again at the US and other countries CNN
- Hackers Linked to SolarWinds Return With Phishing Attack, Microsoft Says Wall Street Journal · Robert McMillan
- Breaking down NOBELIUM's latest early-stage toolset Microsoft Security · Eric Avena
- Microsoft Warns of a New Russian Cyberattack Thurrott · Paul Thurrott
- Another Nobelium Cyberattack Microsoft On the Issues · Tom Burt
- Alert (AA21-148A) — Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs us-cert.cisa.gov
- Russian hackers behind SolarWinds targeting government agencies, Microsoft warns Livemint · Prasid Banerjee
- Russian hackers target aid groups in new cyber-attack, says Microsoft BBC
- SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says CyberScoop · Sean Lyngaas
- SolarWinds attack group targeted US government agencies in email attack Windows Central · Sean Endicott
- Biden Budget Ups Request for Civilian Agencies' Cybersecurity Nextgov · Mariam Baksh
- SolarWinds hackers are back with a new mass campaign, Microsoft says Ars Technica · Dan Goodin
- The SolarWinds Hackers Aren't ‘Back.’ They Never Went Away Wired · Lily Hay Newman
- Microsoft: Russian SVR hackers target govt agencies from 24 countries BleepingComputer · Sergiu Gatlan
- Microsoft Announces New Campaign from NOBELIUM us-cert.cisa.gov
- Russian Hackers Target Human Rights Orgs Using Account of US Aid Agency PCMag · Chloe Albanesius
- SolarWinds attackers leveraged trust in Constant Contact email marketing, USAID, to launch campaign SC Media · Bradley Barth
- SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign CSO · Lucian Constantin
- How hackers wash dirty crypto money Financial Times · Chris Nuttall
- SolarWinds hackers using NativeZone backdoor against 24 countries HackRead · Waqas
- Hackers are using Trump's election fraud conspiracy to break into U.S. government agencies Mashable · Matt Binder
- What We Know About The Apparent Russian Hack Exploiting A U.S. Aid Agency NPR · Bill Chappell
- SolarWinds hackers resurface to attack government agencies and think tanks TechRepublic · Lance Whitney
- Microsoft says Russian hackers behind SolarWinds targeted 150 other groups New York Post · Theo Wayt
- The group that hacked SolarWinds is out with a new campaign, Microsoft says Federal Computer Week · Justin Katz
- Warning: email based attack. Civil Society Watch Out! CyberPeace Institute · Jeannie Cointre
- SolarWinds Russian Nobelium Hackers Strike Again, Compromise Constant Contact Reports Microsoft HotHardware.com News · Nathan Ord
- SolarWinds Attackers Impersonate USAID in Advanced Email Campaign Dark Reading · Kelly Sheridan
- SolarWinds Hackers Used Constant Contact Email Service In Phishing Attack CRN
- SVR cyberspies used iOS zero-day in recent phishing campaign The Record · Catalin Cimpanu
- SolarWinds Hackers Go Phishing infosecurity-magazine.com · Sarah Coble
- Microsoft warns of ‘sophisticated’ Russian email attack targeting government agencies The Verge · Jon Porter
- SolarWinds attackers launch new campaign Malwarebytes Labs · Pieter Arntz
- Microsoft: Active NOBELIUM Malware Actors' Spear-Phishing Campaign HealthITSecurity · Jessica Davis
- Microsoft: Nobelium Cyberattackers Targeting Governments, NGOs PYMNTS.com
- SolarWinds Hackers Targeting Government Agencies Via Email Security Boulevard · Nathan Eddy
- SolarWinds Hackers Target Think Tanks With New ‘NativeZone’ Backdoor The Hacker News · Ravie Lakshmanan
- Nobelium Phishing Campaign Poses as USAID Threatpost · Elizabeth Montalbano
- USAID hit with cyberattack by Russian-backed group Nobelium: Microsoft FedScoop · Billy Mitchell
- SolarWinds Hackers Impersonate U.S. Government Agency in New Attacks SecurityWeek · Eduard Kovacs
- Russian Hackers Resume U.S. Cyber Offensive, Microsoft Says Bloomberg · Jamie Tarabay
- Russia-linked SolarWinds hackers target email accounts used by State Department aid agency USA Today · Kim Hjelmgaard
- Russian hackers seized email system used by State Department aid agency, human rights groups The Hill · Jordan Williams
- Microsoft Warns Of Phishing Campaign Under Guise Of US-Based Development Organization International Business Times · Leah Yecla
- Microsoft Says SolarWinds Hackers Now Targeting Government Agencies & NGOs MUO · Gavin Phillips
- Microsoft reveals new phishing campaign by SolarWinds hackers Engadget · Mariella Moon
- Russian hackers launch major cyberattack through U.S. aid agency's email system, Microsoft says CNBC · Sam Shead
- Microsoft says the Russian group behind the SolarWinds hack is now targeting 150 government agencies, NGOs, and think tanks with a massive phishing email campaign Insider · Kate Duffy
- SolarWinds hackers are at it again, targeting 150 organizations, Microsoft warns NBC News · Phil Helsel
- Microsoft says group behind SolarWinds hack now targeting government agencies, NGOs CyberNews
- Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns Volexity
- Microsoft warns of current Nobelium phishing campaign impersonating USAID ZDNet · Chris Duckett
- Russian SolarWinds hackers launch new phishing campaign iTnews · Juha Saarinen
- Cozy Bear revisits one of its greatest hits, researchers say: election skulduggery CyberScoop · Tim Starks
- New sophisticated email-based attack from NOBELIUM Microsoft Security
- Russian SolarWinds hackers launch email attack on government agencies The Guardian
Discussion
-
@cglyer
Christopher Glyer
on x
There are so many layers to the latest phishing campaign from NOBELIUM. Let's start with the breadth “3,000 individual accounts across more than 150 organizations” And the techniques URL -> ISO (don't see that every day) -> LNK disguised as a folder -> Custom CS Beacon Loader htt…
-
@jsrailton
John Scott-Railton
on x
NEW: Russian gov-linked hackers seized a @ConstantContact account used by @USAID & targeted thousands with malware, like human rights groups critical of Putin. Great to see @msstic & @MsftSecIntel rapidly & publicly attributing this. https://www.microsoft.com/... https://twitter.…
-
@dnvolz
Dustin Volz
on x
Microsoft says hackers leveraged legit mass-mailing service Constant Contact in this campaign and that due to volume “automated email threat detection systems blocked most of the malicious emails and marked them as spam.” https://www.microsoft.com/...
-
@dnvolz
Dustin Volz
on x
Microsoft says in a security bulletin that the SolarWinds hackers are behind a new “wide-scale malicious email campaign” targeting 3,000 individual accounts across more than 150 organizations that used “unique infrastructure and tooling for each target.” https://www.microsoft.com…
-
@cristingoodwin
Cristin Goodwin
on x
Technical details on the #Nobelium #nationstate attack from our #MSTIC team here: https://www.microsoft.com/...
-
@natashabertrand
Natasha Bertrand
on x
“Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020...Nobelium launched this week's attacks by gaining access to the Constant Contact account of USAID.” https://blogs.microsoft.com/ ...
-
@marquardta
Alexander Marquardt
on x
What we know about the latest Russian hacks that used @USAID emails to target more than 150 organizations, including human rights and humanitarian orgs, @Microsoft says. The same SVR hackers that carried out the SolarWinds breach are being blamed. https://blogs.microsoft.com/ ...…
-
@lauferlaw
@lauferlaw
on x
How many times do I need to say we're at war with Russia. https://twitter.com/...
-
@drdenagrayson
@drdenagrayson
on x
New #sanctions aren't enough. The US and our allies must act boldly to put a stop to the continued cyberwarfare being waged by #Russia, #China, and other adversaries. Far past time to put our offensive cyber capabilities to work.😎 https://twitter.com/...
-
@virusbtn
Virus Bulletin
on x
Volexity researchers write about the same phishing email campaign as reported by Microsoft. They believe the APT29 threat actor is likely responsible for it. https://www.volexity.com/... https://twitter.com/...
-
@uscert_gov
US-CERT
on x
Microsoft has released information on a widespread malicious email campaign carried out by a cyber actor they identify as NOBELIUM. See https://us-cert.cisa.gov/... #Cybersecurity #InfoSec
-
@peterjukes
Peter Jukes
on x
Russia Appears to Carry Out Hack Through System Used by U.S. Aid Agency - targeting NGOs and human rights activists https://www.nytimes.com/...
-
@bradsmi
Brad Smith
on x
This week the nation-state actor Nobelium launched cyberattacks targeting more than 150 organizations in at least 24 countries. These attacks are only escalating - gov'ts and the private sector must do more to address. https://blogs.microsoft.com/ ...
-
@pwnallthethings
@pwnallthethings
on x
Important, and often missed point in these types of company posts, is how collaborative threat-intel is behind the scenes. That iOS 0-day (CVE-2021-1879) Microsoft mentions? That was reported to Apple by Google's Threat Intel team https://twitter.com/...
-
@jmhansler
Jennifer Hansler
on x
.@USAID acting spox says the “forensic investigation into this security incident is ongoing.” “USAID has notified and is working with all appropriate Federal authorities, including (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA),” she says https://twitter.co…
-
@hshaban
Hamza Shaban
on x
An unsettling detail: The phishing emails tried to grab people's attention with a subject ripped from current events: “Donald Trump has published new documents on election fraud,” once again taking advantage of homegrown chaos and disinformation in the US https://www.washingtonpo…
-
@kaitlancollins
Kaitlan Collins
on x
One of the fake emails that appeared to originate from USAID included an authentic sender address. The email posed as a “special alert” that invited recipients to click on a link to “view documents” from former President Donald Trump on election fraud. https://www.cnn.com/...
-
@b_fung
Brian Fung
on x
CSIS's @james_a_lewis says this shows how the Russians are undeterred by recent US actions to hold the Kremlin accountable: “They aren't afraid of the US response. They are testing the new administration.”
-
@nicoleperlroth
Nicole Perlroth
on x
New (and big): Russia's SVR has seized an email system used by the State Department's international aid agency to send malicious emails to human rights groups and NGOs critical of Putin, with @SangerNYT discovered by @Microsoft https://www.nytimes.com/...
-
@b_fung
Brian Fung
on x
Microsoft says the hackers got in through Constant Contact, an email marketing tool used by USAID. Constant Contact tells me it's aware of an “isolated” incident in which one of its clients was compromised, and has “temporarily disabled the impacted accounts.”
-
@b_fung
Brian Fung
on x
Microsoft says the same Russian hackers behind the SolarWinds campaign are at it again — this time targeting humanitarian orgs and others via USAID: https://www.cnn.com/...