Tag: midnight blizzard

2 Attack Reports | 0 Vulnerabilities

Attack reports

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks

Earth Koshchei, an APT group suspected to be sponsored by the Russian SVR, executed a large-scale rogue RDP campaign targeting high-profile sectors. The attack methodology involved spear-phishing emails, red team tools, and sophisticated anonymization techniques. The campaign used an RDP relay, rog…
data exfiltration
spear-phishing
apt29
midnight blizzard
2024-12-17
python remote desktop protocol mitm tool (pyrdp)
roguerdp
tor exit nodes
Published: December 17, 2024
Downloadable IOCs: 421

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

On October 22, 2024, Microsoft identified a spear-phishing campaign in which Midnight Blizzard sent phishing emails to thousands of users in over 100 organizations. The emails were highly targeted, using social engineering lures relating to Microsoft, Amazon Web Services (AWS), and the concept of Z…
backdoor
phishing
russia
campaign
rdp
2024-10-30
remote desktop
apt29
midnight blizzard
unc2452
cozy bear
hustlecon
Published: October 30, 2024
Downloadable IOCs: 281
Click here to see more Attack Reports