Hackread.comApr 19, 2025

Russian hacker group Cozy Bear (aka #MidnightBlizzard, APT29) is back, using wine-tasting invites to phish EU diplomats. The bait? A new wave of WineLoader malware. 🍷🎣

Read: https://hackread.com/cozy-bear-wine-lure-wineloader-malware-eu-diplomats/

#CyberSecurity #APT29 #WineLoader #Russia #EU

Cozy Bear’s Wine Lure Drops WineLoader Malware on EU Diplomats

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The DefendOps DiariesApr 15, 2025

A wine tasting invite that turns into a covert cyber strike? Russian hackers are targeting European diplomats with a malware hidden in a seemingly harmless "wine.zip." Find out how GrapeLoader slips past security.

https://thedefendopsdiaries.com/grapeloader-malware-a-new-cyber-espionage-threat/

#grapeloader
#cyberespionage
#midnightblizzard
#spearphishing
#cybersecurity

Andreas KlopschNov 1, 2024

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/

#malware #microsoft #nationstate #threatintel #infosec #itsecurity #midnightblizzard

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files | Microsoft Security Blog

Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight […]

Microsoft Security Blog
The Threat CodexOct 30, 2024
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
#MidnightBlizzard
https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files | Microsoft Security Blog

Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight […]

Microsoft Security Blog
gtbarryJul 12, 2024

Microsoft’s breach notification emails end up in spam folder

The Russian nation-state hacker group Midnight Blizzard penetrated Microsoft’s defenses last year

“The notifications aren’t in the portal – they emailed tenant admins instead. The emails can go into spam. They also haven’t informed orgs via account managers”

#Russia #Russian #MidnightBlizzard #Microsoft #email #spam #security #cybersecurity #hackers #hacking

https://cybernews.com/news/microsofts-breach-notification-emails-end-up-in-spam-folder/

Marcel SIneM(S)USJul 2, 2024
#Microsoft informiert betroffene Kunden von #MidnightBlizzard-Spionage | Security https://www.heise.de/news/Microsoft-informiert-betroffene-Kunden-von-Midnight-Blizzard-Spionage-9783168.html #CozyBear
Microsoft informiert betroffene Kunden von Midnight-Blizzard-Spionage

Anfang des Jahres entdeckte Microsoft, dass Midnight Blizzard E-Mail-Systeme ausgespäht hat. Jetzt informiert Microsoft betroffene Kunden.

heise online
The MES TimesJul 2, 2024

Microsoft has notified more customers that Russian cybercriminals have stolen their emails in a recent breach. Initially thought to involve only a few executive emails, the breach has now been revealed to affect more customers. The Russian hackers, known as Midnight Blizzard, also accessed sensitive US government data.

#CyberSecurity #DataBreach #MicrosoftHack #RussianHackers #NationalSecurity #MidnightBlizzard #InfoSec #TechNews #EmailSecurity

Marcel SIneM(S)USJul 1, 2024
#TeamViewer-Angriff: Die Spur führt nach #Russland 🇷🇺 | Security https://www.heise.de/news/TeamViewer-Angriff-Die-Spur-fuehrt-nach-Russland-9782630.html #Russia 🇷🇺 #APT29 #CozyBear #MidnightBlizzard #CyberCrime
TeamViewer-Angriff: Die Spur führt nach Russland

Die Eindringlinge von "Cozy Bear" hatten offenbar die Zugangsdaten eines TeamViewer-Angestellten erbeutet, um in die IT-Infrastruktur einzudringen.

heise online
jbzJun 30, 2024

🪆 Microsoft from the 90s is back

「 Some of these clients had already known they were affected by the breach. Others were hearing it for the first time now that Microsoft has had more time to assess the damage, a sign that the hack has had broader repercussions than initially thought. Microsoft declined to say which customers received notices 」

https://www.bloomberg.com/news/articles/2024-06-27/microsoft-tells-some-clients-that-russian-hackers-viewed-emails

#Microsoft #MidnightBlizzard #Russia #Infosec

Don Trueten Jun 28, 2024

Hoppla!

#Fernwartungssoftware #TeamViewer kompromittiert

am 27.06.2024 wurde bekannt, dass der Fernwartungs-Anbieter "TeamViewer" am 26.06.2024 Anzeichen für eine Kompromittierung seiner internen IT-Systeme durch einen professionelle Cyber-Angreifer festgestellt hat.  

Nach aktuellen Informationen könnte es sich bei dem Angreifer um die gleiche Gruppierung handeln, die für einen sogenannten "#Lieferkettenangriff" ein US-amerikanisches Unternehmen im Jahr 2020 verantwortlich gemacht wird. Beim damaligen Angriffs sind über eine #Management-Software des Anbieters tausende Kunden des Anbieters kompromittiert wurden.

https://www.golem.de/news/teamviewer-gehackt-cyberangriff-trifft-populaere-fernwartungssoftware-2406-186526.html #Nerdkram #MidnightBlizzard

Teamviewer gehackt: Cyberangriff trifft populäre Fernwartungssoftware - Golem.de

Teamviewer hat bestätigt, dass es einen Sicherheitsvorfall gegeben hat. Erste Hinweise deuten darauf hin, dass die Hackergruppe Midnight Blizzard dahinterstecken könnte.

Golem.de