Cozy Bear Archives

Cybersecurity and Infrastructure Security Agency Director Jen Easterly testified before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022. (Photo by Kevin Dietsch/Getty Images)

CISA emergency directive tells agencies to fix credentials after Microsoft breach

CyberScoop first reported on the existence of the directive, which calls the pilfered emails “a grave and unacceptable risk to agencies."

Apr 11, 2024 By Tim Starks

The Microsoft logo is seen at an Experience Center on Fifth Avenue on April 3, 2024, in New York City. (Photo by Michael M. Santiago/Getty Images)

Federal government affected by Russian breach of Microsoft

U.S. cybersecurity officials issued an emergency directive this week to address a breach by Russian operatives of Microsoft first disclosed in January.

Apr 4, 2024 By Rebecca Heilweil Tim Starks AJ Vicens Elias Groll

People form a peace sign with candles ahead of a rally marking the eve of the second anniversary of Russia’s invasion of Ukraine, in front of the Reichstag, the building housing the Bundestag (German lower house of parliament) in Berlin on Feb. 23, 2024. (Photo by ODD ANDERSEN/AFP via Getty Images)

German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says

The group may have been seeking insights on shifting European sentiments on Ukraine, threat analysts suggest.

Mar 22, 2024 By Derek B. Johnson

SolarWinds hackers set up phony media outlets to trick targets

New infrastructure, old tricks.

May 3, 2022 By Tonya Riley

Microsoft logo is seen in a Microsoft store on March 10, 2021, in New York.(Photo by John Smith/VIEWpress)

Latest Russian espionage activity is broader than SolarWinds-style hacking effort, Microsoft’s Tom Burt says

Russia's SVR intelligence agency did some "innovative, novel work" in the latest campaign, he added.

Oct 25, 2021 By Tim Starks

Russia flag — Police officers patrol the central Manezhnaya Square in Moscow. (Sergei Supinsky/AFP via Getty Images)

Russian spies compromised 14 tech providers, aiming to ‘piggyback’ on customer access, Microsoft says

Investigators say they caught the apparent intelligence-gathering operation relatively early.

Oct 25, 2021 By Jeff Stone

Architecture and landmarks of Moscow, Russia. (Getty Images)

SolarWinds hackers targeted Autodesk in latest confirmed fallout from cyber-espionage campaign

The company detected a compromised server that was quickly taken offline, it told the Securities and Exchange Commission.

Sep 2, 2021 By Jeff Stone

A general view of the Russian Foreign Intelligence Service (SVR) headquarters outside Moscow taken on June 29, 2010. (Alexey SAZONOV/AFP via Getty Images)

Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings

It's less clear what APT29 might be doing with the hacking tool, after allegedly using it last summer to try to steal COVID-19 research.

Jul 30, 2021 By Tim Starks

Denmark’s central bank, the Danmarks nationalbank, is pictured in Copenhagen. (Photo by Francis Dean/Corbis via Getty Images)

SolarWinds hackers had access to Denmark’s central bank, report says

Meanwhile, investigations into the cyber-espionage activity are ongoing.

Jun 30, 2021 By Jeff Stone

Russian hackers breached Microsoft customer support to try phishing targets in 36 countries

Spies accessed some "basic account information" from a limited number of Microsoft clients.

Jun 28, 2021 By Jeff Stone