SolarWinds Actors Are Back With New Hack Affecting 3,000 Email Accounts and 150 Agencies
Pulse Secure hackers may have been tipped off to FireEye's probe, FBI warns of APT group's exploit of Fortigate appliance, Troy Hunt open sources HIBP, Klarna Bank exposes 90K customer accounts, more
Check out my latest column in CSO on the TSA’s release of its pipeline security directive, which experts say has some problems but is a step in the right direction. And please don’t forget to support Metacurity with a premium subscription and gain access to our archives and exclusive premium content.
Microsoft said that this week it observed Nobelium, the same Russian hacking group behind the SolarWinds hack, targeting government agencies, think tanks, consultants, and non-governmental organizations, affecting more than 3,000 email accounts across 150 agencies, a quarter of which are involved in international development, humanitarian, and human rights work.
The actors were able to launch the attacks by breaching the Constant Contact account of USAID via a phishing campaign that inserted a malicious file used to distribute a backdoor that Microsoft calls NativeZone. The backdoor is capable of stealing data to infect other computers on the network. Microsoft said many of the attacks targeting its …