Midnight Blizzard Escalates Spear-Phishing Attacks

Midnight Blizzard Escalates Spear-Phishing Attacks

Microsoft Threat Intelligence has uncovered a new attack campaign by Russian threat actor Midnight Blizzard, targeting thousands of users across over 100 organizations. The attack leverages spear-phishing emails with RDP configuration files, allowing attackers to connect to and potentially compromise the targeted systems. The attack campaign targeted thousands of users in higher education, defense, non-governmental organizations, and government agencies. Dozens of countries have been impacted, particularly in the U.K., Europe, Australia, and Japan, which is…

Read More

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report. Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability trends and tips about how to reduce identity attacks. Microsoft reported 1,228 vulnerabilities in 2023 The total number of Microsoft…

Read More

Tenable: Cyber Security Pros Should Worry About State-Sponsored Cyber Attacks

Tenable: Cyber Security Pros Should Worry About State-Sponsored Cyber Attacks

State-sponsored cyber intrusions have become an increasing concern to both Australian governments and organisations. Defence Minister Richard Marles warned just last year that the country was seeing a greater interest from state actors in critical infrastructure. Nathan Wenzler, chief security strategist at cyber security firm Tenable, said state-sponsored threat actors typically infiltrate by stealth and spread. Wenzler said Australian organisations should treat them as seriously as other actors or face serious risk during a geopolitical…

Read More

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders' Emails

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders' Emails

Microsoft disclosed on Jan. 19 that a nation-state backed attack occurred beginning in November 2023 in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers gained access in November 2023 using a legacy test tenant account. From there, they could use that account’s permissions to access a small number of Microsoft corporate email accounts – some of those accounts were for senior…

Read More