At a glance.
- Microsoft disrupts spearphishing infrastructure belonging to Russia's FSB.
- Critical Ivanti flaw is being actively exploited.
- The Netherlands blames state-sponsored actor for police network breach.
Microsoft disrupts spearphishing infrastructure belonging to Russia's FSB.
Microsoft, working with the US Justice Department, has seized more than one hundred domains used by the Russian threat actor Star Blizzard to launch spearphishing attacks against US government employees and nonprofit organizations, the Record reports. The Five Eyes intelligence agencies have attributed Star Blizzard to Russia's Federal Security Service (FSB).
Steven Masada, Assistant General Counsel for Microsoft's Digital Crimes Unit, stated, "While we expect Star Blizzard to always be establishing new infrastructure, today’s action impacts their operations at a critical point in time when foreign interference in U.S. democratic processes is of utmost concern. It will also enable us to quickly disrupt any new infrastructure we identify through an existing court proceeding."
Microsoft added, "Between January 2023 and August 2024, Microsoft observed Star Blizzard target over 30 civil society organizations – journalists, think tanks, and non-governmental organizations (NGOs) core to ensuring democracy can thrive – by deploying spear-phishing campaigns to exfiltrate sensitive information and interfere in their activities."