Microsoft warns of Midnight Blizzard spear phishing campaign
searchsecurity.techtarget.comThe tech giant is notifying users affected by a recently observed campaign, which has targeted more than 100 victim organizations globally so far.
- Arielle Waldman, News Writer
Microsoft warned that a Russian nation-state threat actor known as Midnight Blizzard is conducting an ongoing spear-phishing campaign against a variety of targets including government agencies.
In a blog post published on Tuesday, Microsoft detailed a "large scale spear phishing campaign" it attributed to Midnight Blizzard, the same actor that breached the tech giant earlier this year and was responsible for the notorious supply chain attack against SolarWinds in 2020. Microsoft initially observed the ongoing spear phishing campaign beginning on Oct. 22 and assessed Midnight Blizzard's goal as intelligence gathering.
During the campaign, attackers used legitimate addresses to send emails containing a signed Remote Desktop Protocol (RDP) configuration file to gain initial access to the targets ...
Copyright of this story solely belongs to searchsecurity.techtarget.com . To see the full text click HERE