Nobelium – TheCyberThrone

Russian Linked APT 29 found targeting NATO & EU Member States

The authorities of Poland warn about a cyberespionage group linked to Russia dubbed as APT29, Cozy Bear, and NOBELIUM is targeting diplomatic and foreign ministries from NATO and EU member…

PravinKarthik April 17, 2023

MagicWeb From Nobelium APT

Researchers at Microsoft observed the activity of Russia-backed Nobelium APT that uses the backdoor after gaining administrative privileges to an Active Directory Federated Services server. With that elevated privileged access,…

PravinKarthik August 25, 2022

Microsoft Says Six Russian Nation State hackers Targeted Ukraine

Microsoft has revealed in a report that at least six separate Russian nation-state actors have launched damaging cyber-attacks against Ukraine since the invasion began earlier this year. Microsoft researchers have…

PravinKarthik April 29, 2022

Security

CEELoader added to Nobelium Arsenal

Researchers have identified two distinct clusters of activity, tracked UNC3004 and UNC2652, that were associated with the Russia-linked Nobelium APT group (aka UNC2452). The NOBELIUM APT is the threat actor…

PravinKarthik December 7, 2021

Security

Nobelium Again for a Supply Chain ! Microsoft Warns

Microsoft has warned that the Russia-based cyber criminals, behind the massive SolarWinds software attack last year, are on the prowl again, this time targeting atleast 140 organisations integral to the…

PravinKarthik October 25, 2021

Tomiris backdoor linked to Nobelium

Researchers discovered new malware containing several attributes that potentially connect it to DarkHalo, the threat actor behind the Sunburst attack in connection with SolarWinds. The DarkHalo compromised a widely used…

PravinKarthik September 29, 2021

Security

FoggyWeb Backdoored ADFS

Microsoft has published extensive information on new malware it calls FoggyWeb, deployed by Russia-linked threat actors Nobelium who are said to be behind the devastating SolarWinds supply chain attack on…

PravinKarthik September 28, 2021

Nobelium again

Hackers breached a computer used by one of its customer service agents and stole account data they then used to launch "highly-targeted" attacks on customers. The company identified the hacking…

PravinKarthik June 27, 2021