Microsoft Threat Intelligence has discovered a new attack campaign by Russian hacker group Midnight Blizzard, targeted at thousands of users from over 100 organisations. The attack uses spear-phishing emails that contain RDP configuration files, allowing perpetrators to connect to and potentially compromise the targeted systems.
The malicious campaign targeted thousands of users from higher education, defence, non-governmental organisations, and government institutions. Dozens of nations have been impacted, mainly in the United Kingdom, Europe, Australia, and Japan, consistent with previous Midnight Blizzard phishing attacks.
In the most recent Midnight Blizzard assault campaign, victims received meticulously targeted emails including social engineering lures related to Microsoft, Amazon Web Services, and the concept of Zero Trust.
According to Microsoft Threat Intelligence, the emails were sent using email addresses from legitimate organisations obtained by the threat actor during earlier breaches. Every email included an RDP configuration file signed with a free LetsEncrypt certif
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: