Security News in Review: SolarWinds Threat Group Launches New Phishing Campaign
Community Chats Webinars Library
Security News in Review: SolarWinds Threat Group Launches New Phishing Campaign
Welcome to your weekly roundup of cybersecurity news. In the current edition, you’ll find information about a new campaign by the threat group behind the SolarWinds supply chain attack, Belgian authorities closing a campaign they think originated in China, and information on a new cybersecurity directive for pipeline operators.
Read on for the news!
SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says — The same adversary group behind the SolarWinds supply chain attack is now sending out phishing emails masquerading as USAID, Microsoft said in a new report. The threat group is targeting 150 organizations across 24 countries and has targeted 3,000 individual accounts in a blitz of phishing emails since May 25. They’re currently using a hacked email that USAID uses to send marketing emails; a USAID spokesperson said their forensic investigation into the breach is ongoing. At least one of the messages purports to be about “election fraud” documents released by former U.S. President Trump. Experts have called this yet another example of Russian disinformation designed to stoke division in the U.S. electoral. It’s unclear at this time how successful the phishing campaign was.