Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
Tags
country: Australia Japan Ukraine United Kingdom
maec-delivery-vectors: Watering Hole
attack-pattern: Data Email Addresses - T1589.002 Phishing - T1660 Phishing - T1566 Remote Desktop Protocol - T1021.001 Server - T1583.004 Server - T1584.004 Web Services - T1583.006 Web Services - T1584.006 Remote Desktop Protocol - T1076
Show in Graph
Common Information
Type Value
UUID d66062ab-600d-4c6c-b978-b1fc36453069
Fingerprint 104c9eb83eafcc98
Analysis status DONE
Considered CTI value 1
Text language
Published Oct. 30, 2024, 7:20 p.m.
Added to db Oct. 30, 2024, 9:02 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline UNKNOWN
Title Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
Detected Hints/Tags/Attributes 34/3/2
Source URLs
Redirection Url
Details Source https://securityaffairs.com/170398/apt/midnight-blizzard-apt-targeted-100-organizations.html
Details Redirection https://securityaffairs.com/170398/uncategorized/midnight-blizzard-apt-targeted-100-organizations.html
URL Provider
Details Provider Source level domain
Details securityaffairs.com securityaffairs.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 486 Security Affairs https://securityaffairs.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Threat Actor Identifier - APT 665 
APT29
Details Threat Actor Identifier - APT 783 
APT28