Melodi
Disaster Cat
I thought what happened in Ireland at the HSE might be a "trial run" for targeting government agencies in the US in States and larger countries - I realize this is officially connected to the Solar Wind attack on the pipeline, but I thought it was important enough to do a stand-alone post since they are now targeting governments and other organizations in the US. This information is coming out from Mircosoft, but I hope we will get other sources soon - MelodiSolarWinds hackers are at it again, targeting 150 organizations, Microsoft warns
Microsoft said that Nobelium, a Russian-based hacking group, launched the phishing campaign by gaining access to a marketing account of USAID.
Government Shutdown Drags Into Third Week With No Resolution
May 28, 2021, 7:11 AM BST
By Phil Helsel and Ezra Kaplan
The Russian-based group behind the SolarWinds hack has launched a new campaign that appears to target government agencies, think tanks and non-governmental organizations, Microsoft said Thursday.
Nobelium launched the current attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft.
"These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts," Tom Burt, Microsoft vice president of customer security and trust, wrote in a blog post.
The campaign, which Microsoft called an active incident, targeted 3,000 email accounts across 150 organizations, mostly in the United States, Burt said. But the targets are in at least 24 countries. At least a quarter of the targeted organizations are said to be involved in things like international development and human rights work.
The effort involved sending phishing emails that were made to look legitimate but designed to deliver malicious files.
Cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, wrote in a post that relatively low detection rates of the phishing emails suggest the attacker was “likely having some success in breaching targets,” the Associated Press reported.
Microsoft did not say whether or how many attempts were successful. It said many emails in the high-volume campaign would have been blocked by automated systems.
The email campaign has been going on since at least January and evolved over waves, Microsoft said in a separate blog post.
SolarWinds hackers are at it again, Microsoft says
Microsoft said that Nobelium, a Russian-based hacking group, launched the phishing campaign by gaining access to a marketing account of the U.S. Agency for International Development.
www.nbcnews.com
Government Shutdown Drags Into Third Week With No Resolution
May 28, 2021, 7:11 AM BST
By Phil Helsel and Ezra Kaplan
The Russian-based group behind the SolarWinds hack has launched a new campaign that appears to target government agencies, think tanks and non-governmental organizations, Microsoft said Thursday.
Nobelium launched the current attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft.
"These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts," Tom Burt, Microsoft vice president of customer security and trust, wrote in a blog post.
The campaign, which Microsoft called an active incident, targeted 3,000 email accounts across 150 organizations, mostly in the United States, Burt said. But the targets are in at least 24 countries. At least a quarter of the targeted organizations are said to be involved in things like international development and human rights work.
The effort involved sending phishing emails that were made to look legitimate but designed to deliver malicious files.
Cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, wrote in a post that relatively low detection rates of the phishing emails suggest the attacker was “likely having some success in breaching targets,” the Associated Press reported.
Microsoft did not say whether or how many attempts were successful. It said many emails in the high-volume campaign would have been blocked by automated systems.
The email campaign has been going on since at least January and evolved over waves, Microsoft said in a separate blog post.