Microsoft issues warning for ongoing Russia-affiliated spear-phishing campaign


Mariella Moon has been a night editor for Engadget since 2013, covering everything from consumer technology and video games to strange little robots that could operate on the human body from the inside one day. She has a special affinity for space, its technologies and its mysteries, though, and has interviewed astronauts for Engadget.

Microsoft has issued a warning about an ongoing spear-phishing campaign by a threat actor called Midnight Blizzard, which US and UK authorities previously linked to Russia's intelligence agency. The company said it discovered that the bad actor has been sending out "highly targeted spear-phishing emails" since at least October 22 and that it believes the operation's goal is to collect intelligence.

Based on its observations, the group has been sending emails to individuals linked to various sectors, but it's known for targeting both government and non-government organizations, IT service providers, academia and defense. In addition, while it mostly focuses on organizations in the US and in Europe, this campaign also targeted individuals in Australia and Japan.

Midnight Blizzard has already sent out thousands of spear-phishing emails to over 100 organizations for this campaign, Microsoft said, explaining that those emails contain a signed Remote Desktop Protocol (RDP) configuration file that connects to a server the bad actor controls. The group used email addresses belonging to real organizations, stolen during its previous activities, making targets think that they're opening legitimate emails. It also used social engineering techniques to make it look like the emails were sent by employees from Microsoft or Amazon Web Services.

If someone clicks and opens the RDP attachment, a connection is established to the server Midnight Blizzard controls. It then gives the bad actor access to the target's files, any network drives or peripherals connected to their computer, as well as their passkeys, security keys and other web authentication information. It could also install malware on the target's computer and network, including remote-access trojans that it could use to remain in the victim's system even after the initial connection has been cut off.

The group is known by many other names, such as Cozy Bear and APT29, but you might remember it as the threat actor behind the 2020between the company and its customers. Microsoft didn't say whether this campaign has anything to do with the US Presidential Elections, but it's advising potential targets to be more proactive in protecting their systems.
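For defenders triaging mail attachments, the resource exposure described above is visible in the `.rdp` file itself as plain `name:type:value` settings. The following Python sketch is an added example, not code from Microsoft or the article; the sample file, host name and signature value are constructed, and the function names are hypothetical.

```python
# Added example: triage a .rdp attachment for local-resource redirection.
# Property names are standard RDP-file settings; the sample file is constructed.

# setting name -> what it exposes to the remote server when enabled
REDIRECTION_SETTINGS = {
    "drivestoredirect": "local and network drives",
    "devicestoredirect": "plug-and-play devices",
    "redirectclipboard": "clipboard contents",
    "redirectprinters": "printers",
    "redirectcomports": "COM ports",
    "redirectsmartcards": "smart cards / security keys",
    "redirectwebauthn": "WebAuthn (passkeys, Windows Hello)",
}

def decode(raw):
    """.rdp files are often UTF-16 with a BOM; fall back to UTF-8."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("utf-8", "replace")

def parse_rdp(text):
    """Parse 'name:type:value' lines into {name: (type, value)}."""
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(":", 2)  # value may itself contain ':'
        if len(parts) == 3:
            name, kind, value = parts
            settings[name.strip().lower()] = (kind.strip().lower(), value.strip())
    return settings

def is_enabled(kind, value):
    """Integer flags are on when non-zero; string lists when non-empty."""
    if kind == "i":
        return value.lstrip("-").isdigit() and int(value) != 0
    return value != ""

def triage(text):
    """Return (remote host, enabled redirection settings, signed?)."""
    s = parse_rdp(text)
    host = s.get("full address", ("s", ""))[1]
    exposed = sorted(n for n in REDIRECTION_SETTINGS if n in s and is_enabled(*s[n]))
    # A signature identifies the signer; it does not make the destination trustworthy.
    signed = bool(s.get("signature", ("s", ""))[1])
    return host, exposed, signed

# Constructed sample, not taken from the campaign.
SAMPLE_RDP = ("full address:s:rdp.example.invalid\ndrivestoredirect:s:*\n"
              "redirectclipboard:i:1\nredirectprinters:i:0\nredirectsmartcards:i:1\n"
              "redirectwebauthn:i:1\nsignature:s:CONSTRUCTED-PLACEHOLDER\n")
```

An attachment that points at an external host and enables several of these settings is a candidate for quarantine, whether or not it is signed.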
