Russian-backed hackers are targeting cloud services, Microsoft says
Supply chain attacks allow hackers to steal information from multiple targets by breaking into a single product they all use. Microsoft said Monday that the same Russia-backed hackers responsible for the 2020 SolarWinds breach continue to attack the global technology supply chain and have been relentlessly targeting cloud service companies and others since summer. The group, which Microsoft calls Nobelium, has employed a new strategy to piggyback on the direct access that cloud service resellers have to their customers’ IT systems, hoping to “more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers.” Resellers act as intermediaries between giant cloud companies and their ultimate customers, managing and customizing accounts. “Fortunately, we have discovered this campaign during its early stages, and we are sharing these developments to help cloud service resellers, technology providers, and their customers take timely steps to help ensure Nobelium is not more successful,” Tom Burt, a Microsoft vice president, said in a blog post. A U.S. government official briefed on the issue who insisted on anonymity to discuss the government’s response noted that “the activities described were unsophisticated password spray and phishing, run-of-the mill operations for the purpose of surveillance that we already know are attempted every day by Russia and other foreign governments.” The Russian Embassy did not immediately reply to a request for comment.
Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor
The Russian hacker group behind the SolarWinds attack is at it again, Microsoft says
Russians Tied To The SolarWinds Cyberattack Hacked Federal Prosecutors, DOJ Says
Discover Related
'Hypocrites': Indian-origin techie confronts Microsoft bosses, quits over Gaza
How hackers stole billions in crypto to keep North Korea’s regime afloat
Russia hacked Signal in Ukraine weeks before US officials used it to discuss war plans
Fintech firm staff, five others held for cyber fraud
Is hacktivist group Dark Storm really behind the global outage of X?
US hasn’t determined who was behind cyberattack that caused outage on Musk’s X
Elon Musk Alleges Ukraine Link In X Outage As Hacking Group 'Dark Storm' Says It's Their Doing
US charges Chinese hackers, government officials in broad cybercrime campaign
US Says China Paid Hackers to Target Critics, Steal Data
US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem
Microsoft workers protest sale of AI and cloud services to Israeli military
Microsoft workers protest sale of AI and cloud services to Israeli military
Microsoft workers protest sale of AI and cloud services to Israeli military
Bybit hacked: $1.5 billion in Ethereum stolen in sophisticated cyberattack
GCHQ issues alert over cyber-attackers working on behalf of Iranian government
Russian spies had access to EMA systems for four months in 2020 hack: report
China-backed APT40 hacking group blamed for cyber attacks on Samoa
Report details onslaught of cyberattacks
Russian cybercrime network targeted for sanctions across US, UK and Australia
UK announces sanctions against Russian cyber crime network
Report details onslaught of cyberattacks
Elon Musk hits out at Keir Starmer in row over Apple users’ data
International cybercrime network dismantled in major crackdown
Did DeepSeek steal OpenAI data for training? Microsoft begins probe: Report
Chinese and Iranian hackers are using US AI products to bolster cyberattacks
Microsoft probes if DeepSeek-linked group improperly obtained OpenAI data, Bloomberg News reports