Targeted attacks against MSP:s, NATO and Ukraine. Two stories from Sophos and Microsoft published today.

The MSP-attack involved abusing vulnerabilities in SimpleHelp chaining a number of vulnerabilities. A little bit of a more advanced attack IMHO.

Then you have the NATO and Ukraine attacks as detailed by Microsoft, involving password spraying and likely bought credentials from criminal ecosystems.

Funny. Ransomware attackers are more advanced than APTs 🙂

References:
https://news.sophos.com/en-us/2025/05/27/dragonforce-actors-target-simplehelp-vulnerabilities-to-attack-msp-customers/

https://www.microsoft.com/en-us/security/blog/2025/05/27/new-russia-affiliated-actor-void-blizzard-targets-critical-sectors-for-espionage/

#Cybersecurity #ThreatIntel #PasswordSpray #Password #StolenCredentials #APT #LAUNDRYBEAR #VoidBlizzard #Russia #NATO #Ukraine #SimpleHelp #Vulnerabilities #Vulnerability

Keeping business accounts secure should be a top priority. What extra security do you have in place to protect sensitive data and even financial info?

#MFA #StolenCredentials #DataSecurity

https://www.forbes.com/sites/daveywinder/2025/02/24/hackers-share-39-billion-stolen-passwords-what-you-need-to-know/ #cybersecurity #infostealers #StolenCredentials #PC #macOS #corporatepasswords #Gmail #Outlook #ActiveDirectory #FederationServices #RemoteDesktop

Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business - Several Ticketmaster executives conspired a hack against a rival concert presales firm, in attempt... https://threatpost.com/ticketmaster-10-million-fine-hacking-rival/162695/ #formeremployeedataretention #departmentofjustice #illegaldataaccess #stolencredentials #stolenpasswords #artisttoolbox #insiderthreat #ticketcompany #ticketmaster #websecurity #livenation #songkick #hacks #hack #doj #fbi

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested - The threat actor known as ‘Sanix’ had terabytes of stolen credentials at his residence, authoritie... more: https://threatpost.com/alleged-hacker-behind-massive-collection-1-data-dump-arrested/155915/ #stolencredentials #recordedfuture #collection#1 #hackerforums #threatactor #government #briankrebs #darkweb #ukraine #breach #hacker #sanix

FBI seizes credentials-for-sale site WeLeakInfo.com - The FBI has seized the domain for WeLeakInfo.com, a site that sold breached data records, after a ... more: https://nakedsecurity.sophos.com/2020/01/20/fbi-seizes-credentials-for-sale-site-weleakinfo-com/ #credentials-for-sale #stolencredentials #securitythreats #northernireland #weleakinfo.com #netherlands #databreach #stolendata #law&order #dataloss #dataleak #fbi #uk #us

Lottery hacker gets 9 months for his £5 cut of the loot - We don't care how little you made from your crimes, the judge said. We care that you went after an... more: https://nakedsecurity.sophos.com/2020/01/14/lottery-hacker-gets-9-months-for-his-5-cut-of-the-loot/ #automatedpasswordguessing #computermisuseact1990 #credentialstuffing #stolencredentials #bruteforceattack #securitythreats #nationallottery #usercredentials #bruteforcetool #danielthompson #idrisakinwunmi #passwordreuse #uk