Microsoft: Solar winds hackers Nobelium strikes global IT supply chains

Login or register to post comments 0 reads   1 posts
  • Mon, Oct 25, 2021 - 09:36am

    #1
    emdashtheory

    emdashtheory

    Status Silver Member (Offline)

    Joined: Mar 25 2020

    Posts: 235

    count placeholder2

    Microsoft: Solar winds hackers Nobelium strikes global IT supply chains

Tis the season. Our favorite Russian cyber supervillains are at it again.

the group is relying on spray-and-pray credential stuffing, phishing, API abuse, and token theft in attempts to obtain account credentials and privileged access to victims’ systems.

The new campaign is part of the Russian threat actors’ wider activities. Between July 1 and October 19, Microsoft has warned 609 customers of 22,868 hacking attempts, although the company notes that success is in the “low single digits.”

Prior to July 1, Microsoft alerted customers to overall nation-state hacker attack attempts a total of 20,500 times, including a past phishing campaign launched by Nobelium that impersonated USAID.

“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and [to] establish a mechanism for surveilling — now or in the future — targets of interest to the Russian government,” Microsoft commented. “Fortunately, we have discovered this campaign during its early stages, and we are sharing these developments to help cloud service resellers, technology providers, and their customers take timely steps to help ensure Nobelium is not more successful.”

Microsoft has informed all impacted vendors and has also released technical guidance outlining how Nobelium attempts to move laterally across networks to reach downstream customers.

In a statement, Mandiant SVP and CTO, Charles Carmakal said the firm has investigated multiple cases of suspected Russian cyberattacks, of which supply chain relationships between technology providers and customers have been exploited.

 

 

Viewing 1 post (of 1 total)

Login or Register to post comments