APT41, an attack group connected to China, has been running a broad campaign using public exploits and flaws to target companies in 20 countries.
While helping a customer deal with a state-sponsored attack group which had been stealing data and email for about eight months, Microsoft’s incident response team uncovered five other threat actors operating simultaneously on the network.
Microsoft took over 50 domains used by threat actors known as Thallium, which the company says are operating from North Korea.
The Russian attack group known as fancy Bear has been targeting anti-doping and sports organizations in advance of the 2020 Summer Olympics.
An unknown leaker is publishing hacking tools used by the APT34 attack group that has been linked to Iranian intelligence.