Midnight Blizzard Escalates Spear-Phishing Attacks

Midnight Blizzard Escalates Spear-Phishing Attacks

Microsoft Threat Intelligence has uncovered a new attack campaign by Russian threat actor Midnight Blizzard, targeting thousands of users across over 100 organizations. The attack leverages spear-phishing emails with RDP configuration files, allowing attackers to connect to and potentially compromise the targeted systems. The attack campaign targeted thousands of users in higher education, defense, non-governmental organizations, and government agencies. Dozens of countries have been impacted, particularly in the U.K., Europe, Australia, and Japan, which is…

Read More

Microsoft and SysAid Find Clop Malware Vulnerability

Microsoft and SysAid Find Clop Malware Vulnerability

SysAid has patched a zero-day vulnerability that could allow attackers to exfiltrate data and launch ransomware. On Nov. 8, SysAid, an Israel-based IT service management software company, reported a potentially exploited zero-day vulnerability in their on-premises software. Users of their on-premises server installations were encouraged to run version 23.3.36, which contained a fix. Microsoft Threat Intelligence analyzed the threat and found that Lace Tempest had exploited it. The vulnerability was exploited by the threat group…

Read More