Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://swecyb.com/users/nopatience/statuses/114010114109751886">Christoffer S. (nopatience@swecyb.com)'s status on Sunday, 16-Feb-2025 07:12:32 JST</a><a href="https://swecyb.com/@nopatience" title="nopatience@swecyb.com"><img src="https://gnusocial.jp/avatar/153738-48-20250323164920.webp" width="48" height="48" alt="Christoffer S." style="position: absolute; left: 0; top: 0;">Christoffer S.</a></section><article><p>Volexity: <a href="https://www.volexity.com/blog/2025/02/13/multiple-russian-threat-actors-targeting-microsoft-device-code-authentication/" rel="nofollow noreferrer">https://www.volexity.com/blog/2025/02/13/multiple-russian-threat-actors-targeting-microsoft-device-code-authentication/</a></p><p>Multiple Russian threat actors have been identified targeting Microsoft 365 accounts through Device Code Authentication phishing campaigns, according to Volexity. These attacks, which began in mid-January 2025, involve social engineering and spear-phishing tactics, often masquerading as communications from reputable organizations like the U.S. Department of State and the Ukrainian Ministry of Defence.</p><p><a href="https://swecyb.com/tags/ThreatIntel" rel="tag">#ThreatIntel</a> <a href="https://swecyb.com/tags/CyberSecurity" rel="tag">#CyberSecurity</a> <a href="https://swecyb.com/tags/Russia" rel="tag">#Russia</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4572913#notice-8952469">In conversation</a><time datetime="2025-02-16T07:12:32+09:00" title="Sunday, 16-Feb-2025 07:12:32 JST">about a month ago</time> <span>from <span><a href="https://swecyb.com/@nopatience/114010114109751886" rel="external" title="Sent from swecyb.com via ActivityPub">swecyb.com</a></span></span><a href="https://swecyb.com/@nopatience/114010114109751886">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.volexity.com</div><h5><a href="https://www.volexity.com/blog/2025/02/13/multiple-russian-threat-actors-targeting-microsoft-device-code-authentication/">Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication</a></h5><div> from <span>Steven Adair</span></div></header><div>Starting in mid-January 2025, Volexity identified several social-engineering and spear-phishing campaigns by Russian threat actors aimed at compromising Microsoft 365 (M365) accounts. These attack campaigns were highly targeted and carried out in a variety of ways. The majority of these attacks originated via spear-phishing emails with different themes. In one case, the eventual breach began with highly tailored outreach via Signal.Through its investigations, Volexity discovered that Russian threat actors were impersonating a variety of individuals</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Christoffer S. (nopatience@swecyb.com)'s status on Sunday, 16-Feb-2025 07:12:32 JST Christoffer S.
Volexity: https://www.volexity.com/blog/2025/02/13/multiple-russian-threat-actors-targeting-microsoft-device-code-authentication/
Multiple Russian threat actors have been identified targeting Microsoft 365 accounts through Device Code Authentication phishing campaigns, according to Volexity. These attacks, which began in mid-January 2025, involve social engineering and spear-phishing tactics, often masquerading as communications from reputable organizations like the U.S. Department of State and the Ukrainian Ministry of Defence.
#ThreatIntel #CyberSecurity #Russia
In conversationabout a month ago from swecyb.compermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.volexity.com
  Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
  from Steven Adair
  Starting in mid-January 2025, Volexity identified several social-engineering and spear-phishing campaigns by Russian threat actors aimed at compromising Microsoft 365 (M365) accounts. These attack campaigns were highly targeted and carried out in a variety of ways. The majority of these attacks originated via spear-phishing emails with different themes. In one case, the eventual breach began with highly tailored outreach via Signal.Through its investigations, Volexity discovered that Russian threat actors were impersonating a variety of individuals

Public

Embed Notice

HTML Code

Corresponding Notice