January 26, 2024 By Pierluigi Paganini
Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign.
Microsoft announced that the Russia-linked APT Midnight Blizzard that hit the company in late November 2023 has been targeting organizations worldwide as part of a large-scale cyberespionage campaign.
The IT giant also confirmed that is currently notifying impacted organizations.
Recently, Hewlett Packard Enterprise (HPE) revealed that alleged Russia-linked cyberespionage group Midnight Blizzard also gained access to its Microsoft Office 365 cloud-based email environment.
The attackers were collecting information on the cybersecurity division of the company and other functions.
The Midnight Blizzard group (aka APT29, SVR group, Cozy Bear, Nobelium, BlueBravo, and The Dukes) along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections. The group is known for the SolarWinds supply chain attack that in 2020 hit more than 18,000 customer organizations, including Microsoft. Microsoft states that this APT is known to primarily target governments, diplomatic entities, non-governmental organizations (NGOs) and IT service providers, primarily in the US and Europe.