News

How to talk with kids about violent images of Charlie Kirk’s killing

Dr. Tori Cordiano: Yes, I think honest conversations with kids about that they may not always be able to predict when a video like this will come up in their feed or when somebody tips their phone toward them and tells them to take a look at this thing that they’re viewing. So they can’t...

Politics

Jaques Art Center in Aitkin celebrates 30th anniversary with new exhibitions

By submitting, you consent that you are at least 18 years of age and to receive information about MPR’s or APMG entities’ programs and offerings. The personally identifying information you provide will not be sold, shared, or used for purposes other than to communicate with you about MPR, APMG entities, and its sponsors. You may...

Politics

Russia-Ukraine war: List of key events, day 1,297 | Russia-Ukraine war News

Published On 13 Sep 202513 Sep 2025 Click here to share on social media share2 Share Here is how things stand on Saturday, September 13: Fighting An early morning Russian attack on Friday killed three people in northern Ukraine’s Sumy region, a regional official reported. Ukrainian President Volodymyr Zelenskyy said Moscow’s attempts to advance in...

Technology

Russia-linked hackers are attacking small businesses using fake Microsoft Entra pages

americalatinanews.com4 months ago04 mins

Microsoft spots fake Entra pages being distributed in phishing emails
The attacks targeted organizations in the West, mostly in critical infrastructure
The goal was to gather intelligence for the Russo-Ukrainian conflict

Russian hacking campaigns, part of the country’s wider war effort against Ukraine, are getting more aggressive, security researchers from Microsoft have claimed, after they spotted a change in how a specific threat actor, called Void Blizzard, is running its operations.

Void Blizzard, also known as Laundry Bear, would usually buy login credentials off the dark web and use them to gain access to their targets’ IT infrastructure. Once inside, the hackers would exfiltrate emails, sensitive files, and business data, and look for means to continue moving laterally throughout the organization.

However, in recent times, the group has switched from buying login credentials into stealing them itself, and to do that it started spoofing Microsoft Entra login pages.

NATO in the crosshairs

Microsoft Entra is a comprehensive identity and network access solution that many organizations use to secure access to their digital resources across both cloud and on-prem. Void Blizzard would create fake pages using typosquatted domains and then distribute them to the victims using spear phishing and similar methods.

The victims are mostly small and medium-sized businesses (SMB) located in the West, as the campaign “disproportionately” targets organizations in Ukraine and NATO member states, Microsoft says, suggesting it is actually part of Russia’s war on Ukraine, and is designed to collect intelligence from critical sectors.

That being said, the majority of the victims are in government, defense, transportation, media, NGO, and healthcare.

In some instances, the hackers targeted education, telecommunications, and law enforcement agencies, as well, with more than 20 NGOs in Europe and North America targeted.

“Void Blizzard primarily targets NATO member states and Ukraine. Many of the compromised organizations overlap with past—or, in some cases, concurrent—targeting by other well-known Russian state actors, including Forest Blizzard, Midnight Blizzard, and Secret Blizzard,” Microsoft concluded.

“This intersection suggests shared espionage and intelligence collection interests assigned to the parent organizations of these threat actors.”

Source link

Leave a Reply Cancel reply

Related News