Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

By taking decisive action against Star Blizzard, Microsoft and its partners reinforce international norms and demonstrate a commitment to protecting civil society and upholding the rule of law in cyberspace. Between January 2023 and August 2024, Star Blizzard targeted more than 30 civil society organizations, including journalists, think tanks, and NGOs. In coordination with the DOJ, Microsoft’s Digital Crimes Unit (DCU) has seized over 100 domains associated with the hacking group known as Star Blizzard. Microsoft encourages civil society groups to enhance their cybersecurity measures, use strong multi-factor authentication, and enroll in programs like Microsoft’s AccountGuard to protect against nation-state cyberattacks. Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of domains used by a Russian hacking group linked to the Federal Security Service (FSB). Since January 2023, Microsoft has identified 82 customers targeted by Star Blizzard, averaging one attack per week. The disruption of this infrastructure is expected to significantly hinder Star Blizzard’s operations, which have been relentlessly targeting high-value entities supporting democratic governance. This effort disrupts current threats and sets a precedent for future collaborations to safeguard democratic institutions from cyber interference. Star Blizzard, also known as COLDRIVER and Callisto Group, has been active since at least 2017. In 2023, the British government attributed Star Blizzard’s activities to the Russian FSB, highlighting their attempts to interfere in UK politics.
The DCU will continue to innovate in disrupting cybercriminal infrastructure while collaborating with private sector partners, civil society, government agencies, and law enforcement. This collaborative effort is critical in countering cyber threats targeting democratic institutions worldwide.

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

This Cyber News was published on gbhackers.com. Publication date: Fri, 04 Oct 2024 07:43:05 +0000

