Accessibility links

Facebook   X   LinkedIn   Email

Russia’s Midnight Blizzard Blasts Spear-Phishing Attacks

February 22, 2025

Russian threat group Midnight Blizzard unleased spear-phishing attacks on over 100 organizations and thousands of individuals. And since 91% of cyberattacks begin with phishing emails, the success of Midnight Blizzard’s latest spear-phishing campaign is yet to be known. However, you can be sure that they’ll go to great lengths to get any information they can use for their own gain.

Midnight Blizzard’s Methods

An important part of successful spear-phishing, Midnight Blizzard does its homework. They troll social media and networking websites like LinkedIn and others to learn details about their target. They want the email to create trust or a bond with the attacker. These bad actors also represent themselves as credible in their own way, with Microsoft reporting some even claimed to be employees of their company.

Spear-phishing attacks aim to lure a target into clicking on a malicious link, open an infected attachment, provide sensitive information, or otherwise undermine their cybersecurity. When that happens, Midnight Blizzard is ready to pounce on the compromised organization’s network.

The Latest Targets

Microsoft says Midnight Blizzard’s campaign is targeting a similar set of previous victims. In this current spear-phishing effort, “governmental agencies, higher education, defense, and non-governmental organizations in dozens of countries” are the primary targets. These areas include the UK, Europe, Australia, and Japan. But, Midnight Blizzard also has a history of targeting the U.S.

Melting The Midnight Blizzard

Can anything be done to help melt Midnight Blizzard’s campaign? The answer is YES! Here are a few tips to avoid being the next catch on a spear-phishing hook.

  • Limit your details, personal or professional, posted on social media sites, including LinkedIn and other networking sites. Phishing attackers look for any details they can exploit to gain your trust, so don’t hand them over.
  • Always choose to use MFA (multi-factor authentication). It’s an additional layer of identity proof that can thwart attackers.
  • If you can avoid using SMS text or email, take it. Hardware key fobs or authenticator apps are a great way to get around both email and text phishers.

Since we know anyone, anywhere can be spear-phished, keep your guard up. That way you can keep the bad guys where they belong and expose groups like Midnight Blizzard to the sunlight.


Report Finds Increase in DDoS Attacks Against Financial Institutions

Corporate Security

Report Finds Increase in DDoS Attacks Against Financial Institutions

A recent report by Akamai Technologies highlights a significant surge in distributed denial-of-service (DDoS) attacks targeting the financial services sector. In 2023, financial institutions accounted for 34% of all DDoS attacks, surpassing the gaming industry as the most targeted sector. This uptick represents a 154% increase in attacks against the financial services industry between 2022 and 2023. It's a reminder to all of us to stay on top of cybersecurity threats. READ FULL STORY
The Most Massive Data Breaches In The U.S.—So Far

Identity Theft

The Most Massive Data Breaches In The U.S.—So Far

These days, news of massive data breaches is no longer as shocking as it used to be. It’s been non-stop news for so long that Americans are becoming numb to these crimes. But when billions of records so far this year have been hijacked by cybercriminals, these mega breaches are serious business—especially for the victims. Below is a closer look at some of the biggest data breaches (so far) this year and some brief notes on what you can do to help protect yourself from cybercrimes. READ FULL STORY
Microsoft’s Shares Info From Stolen Emails With Its Customers

Corporate Security

Microsoft’s Shares Info From Stolen Emails With Its Customers

In an unusual move, cyberattack victim Microsoft offers to share emails stolen from their corporate clients in a data breach. Microsoft says hijacked emails will be released to an organization’s administrators only after vigorous verification. The mega tech titan believes the Russian state-sponsored APT (advanced persistent threat group) known as Midnight Blizzard, aka Nobelium and many other names, is responsible for the attack and that the customers have a right to know what they got. READ FULL STORY
Russian-Backed Attackers Spear Phish U.S. Car Company

Corporate Security

Russian-Backed Attackers Spear Phish U.S. Car Company

Spear phishing attacks by a notorious Russian-backed threat group were launched against a large U.S. car manufacturer, who is currently unnamed. The group known as FIN7 used the highly targeted phishing campaign to attack IT department employees and others with top levels of system access. In this latest attack, FIN7 directly targeted IT employees and those in upper levels of the company, using targeted phishing and a typosquatted website. READ FULL STORY
Bank of America Customers Caught In Vendor Hack

Identity Theft

Bank of America Customers Caught In Vendor Hack

Breaches of third-party vendors are a growing security threat. Bank of America advised customers that a vendor security breach compromised a blockbuster amount of PII. The stolen data was the result of a breach of one of the bank’s service providers, Infosys McCamish Systems (IMS). The vendor announced the breach, and by extension it led to the sensitive data of Bank of America customers being accessed. It’s estimated that more than 57,000 B of A customers were victims. READ FULL STORY