← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files | Microsoft Security Blog
WHITE jacksparrow 2024-12-06 Modified: 2024-12-06
282
IOCs
HIGH VOLUME
Microsoft is investigating a large-scale spear-phishing campaign targeting individuals, companies and governments in a range of sectors, as well as the Russian government, which is believed to be targeting Microsoft employees.
microsoftofficerdp connectionoctoberendpointaws iamsurfacerdp attachmentfilenametimestampserviceturnteamukraineratsdefendersuspiciousprojectsentineltwitterapt29
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
APT29
Indicators of Compromise (1 / 282 total)
All FileHash-MD5 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 392e4194f0f26165030055c3f1de6080 2024-12-06
References (1)
↗ https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/