Microsoft has detailed the activities of the Russia-linked espionage group βVoid Blizzard,β which has targeted government and defense organizations across Europe and North America. The group uses sophisticated phishing tactics and cloud abuse to steal sensitive data, posing significant risks to NATO and Ukraine. #VoidBlizzard #Evilginx #RussiaCyberEspionage #MicrosoftThreatIntel
Keypoints
- Void Blizzard is a Russia-linked hacking group targeting government and defense sectors.
- The group uses phishing campaigns with the Evilginx framework for credential theft.
- They primarily focus on stealing emails, files, and Teams chats from targeted organizations.
- The threat actors exploit cloud APIs like Exchange Online and Microsoft Graph for data extraction.
- Critical infrastructure and NATO allies are among the primary targets of Void Blizzardβs cyber espionage activities.
Read More: https://www.securityweek.com/russian-government-hackers-caught-buying-passwords-from-cybercriminals/