Security News > 2021 > June > Microsoft: SolarWinds Hackers Continue to Target IT Companies
Microsoft says it has observed new activity associated with Nobelium, the Russia-linked threat actor that compromised IT management and monitoring solutions provider SolarWinds.
The SolarWinds attack was brought to light in early December 2020 and it involved compromising SolarWinds' Orion monitoring product to deliver trojanized updates to the company's customers worldwide, in an effort to breach their networks.
On Friday, Microsoft revealed that it recently observed password spray and brute-force attacks associated with current Nobelium activity, with targets identified in 36 countries.
While most of the attacks were not successful, the hackers did manage to compromise at least three organizations, Microsoft says.
Attacks such as these, Microsoft says, can be mitigated by implementing good security practices, such as multi-factor authentication and a Zero Trust architecture.
"This type of activity is not new, and we continue to recommend everyone take security precautions such as enabling multi-factor authentication to protect their environments from this and similar attacks," the tech giant notes.
News URL
Related news
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)