Threat Awareness – APT Conducts Large-Scale Spear-Phishing Campaign with RDP Attachments

Last week, Microsoft warned of a spear-phishing threat by the Russian state-backed threat group known as Midnight Blizzard or APT29. “Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors” reads Microsoft’s threat blog. The campaign is described as being large-scale and using RDP attachments. On Thursday last week, CISA warned of the same threat, and like Microsoft, included mitigations and suggestions to help strengthen defenses.

Last week, Microsoft warned of a spear-phishing threat by the Russian state-backed threat group known as Midnight Blizzard or APT29. “Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors” reads Microsoft’s threat blog. The campaign is described as being large-scale and using RDP attachments. On Thursday last week, CISA warned of the same threat, and like Microsoft, included mitigations and suggestions to help strengthen defenses.