Microsoft Discovers New Attacks by SolarWinds Group, Including One Against Its Own Agent

Amazon buys encrypted messaging app Wickr, Fortinet firewall has a serious RCE bug, Mozilla launches Rally for privacy-centric academic research

Metacurity is off on a long weekend so enjoy this abbreviated version of our daily issue. We’ll be back in complete form tomorrow!

Microsoft discovered new cyberattacks carried out by Nobelium, also known as APT29, the Russian state threat group that hacked SolarWinds last year. The attackers used password spraying and brute-force attacks to guess passwords and gain access to Microsoft customer accounts.

Nobelium targeted the attacks at IT companies (57%), followed by government (20%), and smaller percentages for non-governmental organizations and think tanks, as well as financial services, Microsoft said. Nobelium targeted 36 countries, with the U.S. garnering 45% of the attacks.

Microsoft also found information-stealing malware on the device of one of its employees working as a customer support agent. The attackers used the malware to collect and steal basic account information for a small number of its customers stored on the customer support agent’s device. (Catalin Cimpanu / The …