Microsoft Disrupts Russian Spies

Uploaded on 2022-08-24 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Microsoft’s Threat Intelligence Centre has announced that it disrupted a Russian-state backed threat group that is believed to have run espionage campaigns against several different NATO countries.

Microsoft said it had disabled accounts used by the Seaborgium group for reconnaissance, phishing, and email collection and updated detections against its phishing domains in Microsoft Defender SmartScreen.

Also known by threat researchers as Callisto Group, ColdRiver and TA446, Seaborgium is a “highly persistent threat actor” that focuses most of its time on the US and UK, and occasionally the countries of the Baltics, Nordics and Eastern Europe.

Once Seaborgium has access to the victim’s email account, it will look to exfiltrate intelligence data and, on occasion, approach other people of interest via these compromised accounts in order to access sensitive info.

Seaborgian will even set up forwarding rules from victim inboxes to enable persistent data collection.

According to Microsoft “Once successful, it slowly infiltrates targeted organizations' social networks through constant impersonation, rapport building, and phishing to deepen their intrusion.. Seaborgium is a highly persistent threat actor, frequently targeting the same organisations over long periods of time."

Under its various names, the group has run different campaigns that leverage social networks through impersonation, rapport building, and phishing. The group has been running these campaigns for years using the same tactics, including over 30 different targets just this year.

The group has been successfully targeting former intelligence officials, Russian citizens living abroad and compromising organisations of interest for several years through via persistent campaigns, “rarely changing methodologies or tactics "Microsoft say.

2022’s targets have included defense and intelligence consulting companies, non-governmental organizations, higher education and think tanks. 

Microsoft:    Oodaloop:       Infosecurity Magazine:        Security Week:      Cybersecurity-Help:   Techmonitor

Breaking Defense:    Cyberthrone:  

You Might Also Read:

Russia Escalates Spying On Ukraine’s Allies:

 

« Xiaomi Phone Bug Enables Theft
Think Carefully Before You Pay For Cloud Downtime Insurance »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Magnet Forensics

Magnet Forensics

Magnet Forensics' family of digital forensics products are used globally by thousands of law enforcement, military, government and corporate customers.

CTR Secure Services

CTR Secure Services

CTR Secure Services provides a broad range of security consulting services from asset protection to cyber security.

Galois

Galois

Galois specializes in the research and development of new technologies that solve the most difficult problems in computer science.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

OpSec Security

OpSec Security

OpSec Online is the only brand protection solution that spans all channels so your brands are protected no matter what digital venue the criminals target.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

TriagingX

TriagingX

TriagingX successfully created the first generation malware sandbox that is being used by many Fortune 500 companies for daily malware analysis.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

Appalachia Technologies

Appalachia Technologies

Appalachia is a full service Managed Services Provider with a focus on cybersecurity, backed by the best engineers.

PhishProtection

PhishProtection

We created Phish Protection to prevent all types of phishing including spear phishing protection and office 365 email protection for your small business.

Oregon Systems

Oregon Systems

Oregon Systems is a Regional Leader & Distributor with value added services for OT, IoT, IIoT & IT Cybersecurity products, Solutions & professional services throughout the middle-east region.

Positka FSI Pte Ltd

Positka FSI Pte Ltd

Positka, being a Splunk Singapore partner, provides Splunk & Phantom Services, Cybersecurity & Risk Management, Analytics & Big Data, Lean Process Optimization, and Managed Security Services.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

Resillion

Resillion

Resillion (formerly Eurofins Digital Testing) is a global leader in quality engineering and cyber security services with operations in Europe, US, UK, India and China.

Theori

Theori

Theori tackles the most difficult cybersecurity challenges from an attacker’s perspective and conquers them as the best strategic security experts.