3rd Party Risk Management , Application Security , Breach Notification
Company Says Russian-Linked Group Targeted Its Customer Support System Scott Ferguson (Ferguson_Writes) • June 26, 2021 Photo: MicrosoftThe Russian-linked cyberespionage group behind the supply-chain attack against SolarWinds recently targeted Microsoft's customer support system as part of a new campaign, the company disclosed in a report published Friday.
See Also: Live Panel | Zero Trusts Given- Harnessing the Value of the Strategy
Microsoft attributes this latest intrusion against its customers to an attack group that the company calls Nobelium, which also conducted the SolarWinds supply chain attack, which affected 18,000 users of the Orion network monitoring platform and resulted in follow-on attacks on nine government agencies and 100 companies. The Biden administration has accused Russia's Foreign Intelligence Service, or SVR, of conducting the SolarWinds supply chain compromise.
In the recent campaign that Microsoft uncovered, the attackers targeted the company's customer support system. The investigation showed that information-stealing malware was found on a device belonging to one of Microsoft's customer support agents. That agent's account had access to basic account information related to a "small number" of the company's customers, according to the report.
The hacking group then used that data to target specific Microsoft cust ..
Support the originator by clicking the read the rest link below.
