MICROSOFT HAS UNCOVERED NEW EMAIL ATTACKS FROM NOBELIUM THREAT ACTOR
Microsoft has uncovered new email attacks from Nobelium, the threat actor behind the SolarWinds attacks. The attacks escalated on 25-May-2021, when Nobelium ran this campaign by impersonating the service offered by Constant Contact, a legitimate email marketing service and US-based organization, and distributed malicious emails to a wide variety of organizations. Let’s see what information Microsoft has revealed about the new email attacks from Nobelium. See the captured IOCs with
Post Contents:
* Who Are The Primary Targets Of This New Email Attack From Nobelium?
* How Is The Nobelium Email Campaign Designed To Deliver The Malware?
* Different Attack Vectors Of These New Email Attacks From Nobelium:
* Indicators Of Compromise (IOCs) Captured During The Analysis Of ‘Email Attacks From Nobelium’
* New IOCs Captured As on 2nd June 2021
* How To Be Protected From The New Nobelium Email Campaign?

How To Be Protected From The New Nobelium Email Campaign?
1. Block the IOCs on your Proxies, EDR Tools, Microsoft O365, and Firewalls.
2. Analyze Firewall and Internet proxy logs for the presence of given IOCs.
3. Avoid handling files or URL links in emails, chats or shared folders from untrusted sources.
4. Isolate the suspected systems from the network to stop infections from spreading over the network.
5. Keep anti-malware solutions at endpoint and network level updated at all times.
6. Deploy Endpoint Detection & Response (EDR) tools to detect the latest malware and suspicious activities on endpoints.
7. Provide phishing awareness training to your employees/contractors.
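One way to carry out step 2 (sweeping proxy logs for the published IOCs) is sketched below. This is an added example, not code from the original post or from Microsoft. The indicators, the log lines and the log layout (timestamp, client IP, method, URL, status) are constructed placeholders; substitute the advisory's IOC list and your proxy's format.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholder indicators, defanged the way advisories usually publish them.
# These are NOT real Nobelium IOCs; load the advisory's list here instead.
SAMPLE_IOCS = ["hxxps://bad-cdn[.]example/dl/invoice.iso", "mail.evil[.]test", "203.0.113[.]45"]

# Constructed proxy log lines (assumed layout: timestamp, client IP, method, URL, status).
SAMPLE_LOG = """\
2021-06-02T09:14:01Z 10.0.4.17 GET https://static.bad-cdn.example/dl/other.js 200
2021-06-02T09:14:09Z 10.0.4.22 GET https://notbad-cdn.example/index.html 200
2021-06-02T09:15:30Z 10.0.7.3 CONNECT MAIL.EVIL.TEST:443 200
2021-06-02T09:16:02Z 10.0.7.9 GET http://203.0.113.45/a 404
2021-06-02T09:16:40Z 10.0.7.9 GET http://203.0.113.455.example/a 200
"""

def refang(ioc):
    """Undo common defanging: hxxp -> http, [.] and (.) -> '.'"""
    ioc = re.sub(r"^hxxp", "http", ioc.strip(), flags=re.I)
    return re.sub(r"\[\.\]|\(\.\)", ".", ioc)

def host_of(value):
    """Reduce a URL, bare domain, IP or host:port target to a lowercase host."""
    value = refang(value)
    if "://" not in value:
        value = "//" + value  # lets urlsplit parse bare hosts and CONNECT targets
    return (urlsplit(value).hostname or "").lower()

def sweep(log_text, iocs):
    """Return (client_ip, requested_host, matched_ioc_host) for every hit, in log order."""
    bad_hosts = {host_of(i) for i in iocs} - {""}
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 5:
            continue  # skip malformed or truncated lines
        host = host_of(parts[3])
        for bad in bad_hosts:
            # Exact host or a true subdomain; plain substring matching would
            # flag look-alikes such as notbad-cdn.example.
            if host == bad or host.endswith("." + bad):
                hits.append((parts[1], host, bad))
    return hits

if __name__ == "__main__":
    for client, host, ioc in sweep(SAMPLE_LOG, SAMPLE_IOCS):
        print(f"{client} contacted {host} (IOC: {ioc})")
```

The client IPs returned by `sweep` are the candidates for the isolation described in step 4.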