Amazon disrupts Russian APT29 hackers targeting Microsoft 365

Amazon has successfully disrupted the operations of the Russian cyber espionage group APT29, also known as Cozy Bear, which has been targeting Microsoft 365 users. This group is notorious for its sophisticated cyber attacks aimed at stealing sensitive information from government and private sector organizations. Amazon's intervention involved identifying and taking down infrastructure used by APT29 to conduct phishing campaigns and deploy malware. The disruption significantly hampers the group's ability to compromise Microsoft 365 accounts and access confidential data. This action highlights the growing collaboration between tech giants and cybersecurity entities to combat state-sponsored cyber threats. Organizations using Microsoft 365 are advised to remain vigilant, implement robust security measures, and monitor for suspicious activities to protect against such advanced persistent threats. The incident underscores the importance of proactive defense strategies in the evolving landscape of cyber warfare, where attackers continuously adapt their tactics to exploit vulnerabilities in widely used platforms like Microsoft 365. By disrupting APT29's campaigns, Amazon has set a precedent for proactive threat mitigation and the critical role of cloud service providers in enhancing cybersecurity resilience.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 01 Sep 2025 15:35:19 +0000

Cyber News related to Amazon disrupts Russian APT29 hackers targeting Microsoft 365

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies - After Sandworm and APT28, another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. APT29 is tracked under different names and has been targeting embassy entities with a BMW car ...
2 years ago Bleepingcomputer.com CVE-2023-38831 APT28 APT29

Amazon disrupts Russian APT29 hackers targeting Microsoft 365 - Amazon has successfully disrupted the operations of the Russian cyber espionage group APT29, also known as Cozy Bear, which has been targeting Microsoft 365 users. This group is notorious for its sophisticated cyber attacks aimed at stealing ...
4 months ago Bleepingcomputer.com APT29 Cozy Bear

CVE-2022-48826 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago

Microsoft reveals how hackers breached its Exchange Online accounts - Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign. On January 12, 2024, Microsoft ...
1 year ago Bleepingcomputer.com APT29

Veeam adds BaaS capabilities for Veeam Backup for Microsoft 365 - Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and flexibility of Backup-as-a-Service for Microsoft 365. Utilizing the power and ...
2 years ago Helpnetsecurity.com

1000+ New Fake Domains Mimic Amazon Prime Day Registered to Hunt Online Shoppers - These attacks range from fake calls and phishing emails to malicious links and spoofed websites, all designed to trick shoppers into revealing sensitive account information or making fraudulent payments. During Amazon’s Big Spring Sale in March ...
6 months ago Cybersecuritynews.com

CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
1 year ago Bleepingcomputer.com APT29

Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
2 years ago Bleepingcomputer.com APT29

HPE: Russian hackers breached its security team's email accounts - Hewlett Packard Enterprise disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. Midnight ...
2 years ago Bleepingcomputer.com Cozy Bear APT29

Cisco Foundation Grantees prioritize Indigenous leadership to protect the Amazon Basin - This is the first of our three-part series on Cisco Foundation grantees working in the Amazon and South America region. This series will introduce you to eight Cisco Foundation Climate Impact & Regeneration grantees working to support preservation ...
1 year ago Feedpress.me

Master the Art of Data Security - As we step further into the digital age, the importance of data security becomes increasingly apparent. As with all data storage services, it's crucial to ensure that the data stored on Amazon S3 is secure, particularly when it's 'at rest'-that is, ...
2 years ago Feeds.dzone.com

Who is the DOGE and X Technician Branden Spikes? – Krebs on Security - Branden Spikes California Russian Association Congress of Russian Americans Constellation of Humanity Cyberinc Department of Government Efficiency Diana Fishman Donald J. Prior to founding Spikes Security, Branden Spikes was married to a native ...
10 months ago Krebsonsecurity.com

New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
2 years ago Microsoft.com

Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
2 years ago Microsoft.com

Russian Spies Hacked Microsoft Email Systems & Accessed Code - Microsoft has disclosed that Russian government hackers, identified as the group Midnight Blizzard, have successfully infiltrated its corporate email systems and stolen source codes. Microsoft's announcement on March 8, 2024, detailed that Midnight ...
1 year ago Cybersecuritynews.com Cozy Bear APT29

The Dark Side of Digital Reading: E-Books as Corporate Surveillance Tools - Americans are reading digital books at a rate of three out of ten. In a market where the majority of readers are subject to both Big Publishing's greed and those of Big Tech, it is no surprise that these readers are subject to both the greed of Big ...
2 years ago Cysecurity.news

TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
1 year ago Therecord.media Cozy Bear APT29

ACM will no longer cross sign certificates with Starfield Class 2 starting August 2024 - AWS Certificate Manager is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing, Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting ...
1 year ago Aws.amazon.com

FSB arrests Russian hackers working for Ukrainian cyber forces - The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Both suspects were taken into custody one same day in two different ...
2 years ago Bleepingcomputer.com

Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
2 years ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28

25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
6 months ago Cybersecuritynews.com

Rundown of Security News from AWS re:Invent 2023 - Amazon Web Services has been unveiling a steady stream of announcements during its AWS re:Invent 2023 event in Las Vegas this week. The focus over the four days, as expected, is on AI as AWS strives to show that its offerings can match - or surpass - ...
2 years ago Darkreading.com

Microsoft 365 To Block Downloaded Excel XLL Add-Ins To Boost Security - Microsoft has recently announced that in order to help improve security, Microsoft 365 is now blocking the download of XLL add-ins for Excel on both Window PCs and Apple Macs. This new feature will be put into effect early 2021, affecting both Office ...
3 years ago Bleepingcomputer.com