
Microsoft: SolarWinds hackers target 150 orgs with phishing

By Associated Press
Posted by POLITICO, 19 days ago
The hackers gained access to USAID's account at Constant Contact, an email marketing service. | J. David Ake/AP Photo

BOSTON — The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on U.S. and foreign government agencies and think tanks this week using an email marketing account of the U.S. Agency for International Development, Microsoft said.

The effort targeted about 3,000 email accounts at more than 150 different organizations, at least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post late Thursday.

It did not say what portion of the attempts may have led to successful intrusions.

The cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, said in a post that relatively low detection rates of the phishing emails suggest the attacker was “likely having some success in breaching targets.”

Burt said the campaign appeared to be a continuation of multiple efforts by the Russian hackers to “target government agencies involved in foreign policy as part of intelligence gathering efforts.” He said the targets spanned at least 24 countries.

The hackers gained access to USAID's account at Constant Contact, an email marketing service, Microsoft said. The authentic-looking phishing emails dated May 25 purport to contain new information on 2020 election fraud claims and include a link to malware that allows the hackers to “achieve persistent access to compromised machines.”

Microsoft said in a separate blog post that the campaign is ongoing and evolved out of several waves of spear-phishing campaigns it first detected in January that escalated to the mass-mailings of this week.

While the SolarWinds campaign, which infiltrated dozens of private sector companies and think tanks as well as at least nine U.S. government agencies, was supremely stealthy and went on for most of 2020 before being detected in December by the cybersecurity firm FireEye, this campaign is what cybersecurity researchers call noisy. Easy to detect.

Microsoft noted the two mass distribution methods used: the SolarWinds hack exploited the supply chain of a trusted technology provider's software updates; this campaign piggybacked on a mass email provider.

With both methods, the company said, the hackers undermine trust in the technology ecosystem.
