Void Blizzard: New Russian Cyberespionage Group Targets NATO and Ukraine

Microsoft Threat Intelligence reports a cyberespionage campaign by the Russia-linked group Void Blizzard, targeting NATO countries and Ukraine for intelligence collection in critical sectors. The group has shifted from using stolen credentials to sophisticated methods, including API abuse and spear phishing, to support Russian strategic interests. #VoidBlizzard #RussianCyberOperations

Keypoints

Void Blizzard is a Russia-affiliated actor targeting organizations in NATO countries and Ukraine.
The group focuses on sectors such as government, defense, healthcare, and IT for intelligence gathering.
Recent activities include spear phishing campaigns using typosquatted domains and malicious QR codes.
They exploit Microsoft 365 APIs and Teams to access and exfiltrate sensitive data silently.
Void Blizzard often intersects with other Russian threat groups like Forest Blizzard and Midnight Blizzard.

SHARE THIS STORY

WhatsApp X (Twitter)Telegram Bluesky Facebook LinkedIn Threads Email Print