rulerofoats.bsky.social
Reposted
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard targeting embassies in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware. msft.it/63320sJmHK
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats | Microsoft Security Blog
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been ongoing since at least 2024, targeting embassies in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware.
July 31, 2025 at 4:02 PM
Reposted
Microsoft has discovered a cluster of worldwide cloud abuse activity by new Russia-affiliated threat actor Void Blizzard (LAUNDRY BEAR), whose cyberespionage activity targets gov't, defense, transportation, media, NGO, and healthcare in Europe and North America. https://msft.it/63324S9Jkp
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage | Microsoft Security Blog
Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to Russia, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America.
May 27, 2025 at 9:55 AM
Reposted
Lumma Stealer, an infostealer malware used by multiple financially motivated threat actors like Octo Tempest (Scattered Spider) to target a wide range of industries, has shown persistent growth and operational sophistication over the past year: https://msft.it/63326Sd2PM
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer | Microsoft Security Blog
Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law enforcement, facilitated the disruption of Lumma infrastructure.
May 21, 2025 at 4:15 PM
Exchange & SharePoint servers are prime targets for attackers. Microsoft is raising the bar by integrating AMSI (Antimalware Scan Interface) directly into these platforms—adding a powerful new layer of defense. www.microsoft.com/en-us/securi...
Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI | Microsoft Security Blog
Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their envir...
May 16, 2025 at 11:15 PM