1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hackers compromised Microsoft support agent to launch attacks against

    From TechnologyDaily@1337:1/100 to All on Mon Jun 28 14:45:03 2021
    Hackers compromised Microsoft support agent to launch attacks against customers

    Date:
    Mon, 28 Jun 2021 13:35:02 +0000

    Description:
    State-sponsored threat actors used basic account information skimmed from a support agent to launch targeted attacks.

    FULL STORY ======================================================================

    Cybersecurity researchers from Microsoft have shared details about a recent and mostly unsuccessfully campaign by state-sponsored actors against several customers.

    Security experts at the Microsoft Threat Intelligence Center (MSTIC) note
    that threat actor Nobelium used an information-stealing malware on the computer of a customer support agent to launch a series of highly-targeted attacks.

    This recent activity was mostly unsuccessful, and the majority of targets
    were not successfully compromised we are aware of three compromised entities to date, shared MTIC in a blog post , without going into details about the extent of the compromise. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

    Click here to start the survey in a new window << Protect your devices
    with these best antivirus software These are the best ransomware protection tools Here's our choice of the best malware removal software on the market

    Reuters claims Microsoft announced the breach only after it approached the software giant to inquire about a note the Redmond-based company had sent out to affected customers. Run-of-the-mill espionage

    The state-sponsored Nobelium group, thought to be operating out of Russia, is largely believed to be behind the infamous SolarWinds supply chain attack.

    Reuters spoke to an unnamed official at the White House, who claimed the latest campaign appeared far less serious than the SolarWinds attack.

    "This appears to be largely unsuccessful, run-of-the-mill espionage," the official reportedly told Reuters .

    In its blog post, MSTIC shares that Nobelium conducted password spray and brute-force attacks against Microsoft customers to gain access to their networks.

    The threat actor targeted customers in three dozen countries, with most of
    the targets in the US (45%), followed by UK (10%), and smaller numbers in Germany and Canada.

    The majority of these were IT companies (57%), followed by government
    entities (20%), and smaller percentages for non-governmental organizations
    and think tanks, as well as financial services.

    This type of activity is not new, and we continue to recommend everyone take security precautions such as enabling multi-factor authentication to protect their environments from this and similar attacks, MSTIC advised. We've put together a list of the best endpoint protection software



    ======================================================================
    Link to news story: https://www.techradar.com/news/hackers-compromised-microsoft-support-agent-to- launch-attacks-against-customers/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)