Microsoft Teams Used by Russia-Linked Hackers to Target Firms With Phishing Campaign, Microsoft Says

A Russian government-linked hacking group took aim at dozens of global organizations with a campaign to steal login credentials by engaging users in Microsoft Teams chats pretending to be from technical support, Microsoft researchers said on Wednesday.

These "highly targeted" social engineering attacks have affected "fewer than 40 unique global organizations" since late May, Microsoft researchers said in a blog, adding that the company was investigating.

The Russian embassy in Washington didn't immediately respond to a request for comment.

The hackers set up domains and accounts that looked like technical support and tried to engage Teams users in chats and get them to approve multifactor authentication (MFA) prompts, the researchers said.

"Microsoft has mitigated the actor from using the domains and continues to investigate this activity and work to remediate the impact of the attack," they added.

Teams is Microsoft's proprietary business communication platform, with more than 280 million active users, according to the company's January financial statement.

MFAs are a widely recommended security measure aimed at preventing hacking or stealing of credentials. The Teams targeting suggests hackers are finding new ways to get past it.

The hacking group behind this activity, known in the industry as Midnight Blizzard or APT29, is based in Russia, and the UK and US governments have linked it to the country's foreign intelligence service, the researchers said.

"The organizations targeted in this activity likely indicate specific espionage objectives by Midnight Blizzard directed at the government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, and media sectors," they said, without naming any of the targets.

"This latest attack, combined with past activity, further demonstrates Midnight Blizzard's ongoing execution of their objectives using both new and common techniques," the researchers wrote.

Midnight Blizzard has been known to target such organizations, mainly in the US and Europe, going back to 2018, they added.

The hackers used already-compromised Microsoft 365 accounts owned by small businesses to make new domains that appeared to be technical support entities and had the word "Microsoft" in them, according to details in the Microsoft blog. Accounts tied to these domains then sent phishing messages to bait people via Teams, the researchers said.

© Thomson Reuters 2023

Samsung launched the Galaxy Z Fold 5 and Galaxy Z Flip 5 alongside the Galaxy Tab S9 series and Galaxy Watch 6 series at its first Galaxy Unpacked event in South Korea. We discuss the company's new devices and more on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

from Gadgets 360 https://ift.tt/C8eGng9

The 53 Most Anticipated Movies of 2023

What are the biggest movies of 2023? From Hollywood, we are expecting nine DC and Marvel superhero movies. (After a long time, DC has more titles on the calendar than Marvel Studios). A new Ant-Man, Aquaman, Flash, Shazam, Captain Marvel, Spider-Verse, and Guardians of the Galaxy film is on the docket for 2023 — Jason Momoa, Brie Larson, Chris Pratt, and Paul Rudd jump into spandex again — along with the first Kraven and Blue Beetle movies. Speaking of firsts, Mario, Gran Turismo, and Dungeons & Dragons are looking to launch new franchises in 2023, with the help of Pratt, Chris Pine, and David Harbour. We even have a live-action Barbie movie, with Margot Robbie, on the way. Beyond that, we have a second Dune entry with Timothée Chalamet and Zendaya, a third entry in the Rocky spin-off Creed with Michael B. Jordan, the fourth John Wick film with Keanu Reeves, a fifth Indiana Jones movie with Harrison Ford, a seventh Transformers and Tom Cruise-led Mission: Impossible, and the tenth...

Itel P55 With Dual Rear Cameras, 5,000mAh Battery Launched in India: Price, Specifications

Itel P55 5G was launched in India on Tuesday and it claims to be the cheapest 5G smartphone in the country. The phone is powered by an octa-core Dimensity chipset and supports wired fast charging. It carries an AI-powered dual rear camera unit and is offered in a single storage variant along with two colour options. Itel India also introduced the Itel S23+ alongside, and is a budget smartphone with a curved AMOLED display. The company is extending a two-year warranty on the handsets and is also offering free screen replacement within 100 days of purchase. Itel P55 5G price in India, availability Offered in Blue and Green colour options, the singular 8GB + 128GB variant of the Itel P55 5G is priced at Rs. 9,999. The phone will be available for purchase via Amazon India starting October 4. Itel P55 5G specifications, features Sporting a 6.6-inch HD+ (1600 x 700 pixels) display, the dual nano SIM-supported Itel P55 comes with a refresh rate of 90Hz. The phone is powered by an octa-co...

Apple Said to Halt Use of YTMC Chips Amid Stricter US Export Rules: Report

Apple is said to have halted its use of memory chips from YMTC, or Yangtze Memory Technologies Co. The Cupertino company has reportedly paused the use of NAND flash memory chips which were expected to... from Gadgets 360 https://ift.tt/RNyUlDO

Techall for you

Search This Blog