Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages
Briefly

Microsoft has identified a previously unknown threat actor, Void Blizzard, linked to Russia, active since April 2024. This group focuses on espionage against key sectors like government and healthcare in NATO countries and Ukraine, using compromised credentials purchased online to infiltrate organizations and extract sensitive information. Their activities highlight a strategic threat to Western entities, particularly those supporting Ukrainian efforts against Russia. The group's methods include simple credential theft techniques and opportunistic targeting of high-value organizations for intelligence gathering.
They often use stolen sign-in details that they likely buy from online marketplaces to gain access to organizations. Once inside, they steal large amounts of emails and files.
Attacks mounted by Void Blizzard have been found to disproportionately single out NATO member states and Ukraine, suggesting that the adversary is looking to collect intelligence to further Russian strategic objectives.
Read at The Hacker News