While helping a customer deal with a state-sponsored attack group which had been stealing data and email for about eight months, Microsoft’s incident response team uncovered five other threat actors operating simultaneously on the network.
Microsoft took over 50 domains used by threat actors known as Thallium, which the company says are operating from North Korea.
The Russian attack group known as fancy Bear has been targeting anti-doping and sports organizations in advance of the 2020 Summer Olympics.
An unknown leaker is publishing hacking tools used by the APT34 attack group that has been linked to Iranian intelligence.
A recent intrusion at Norwegian MSP Visma that researchers attribute to APT10 demonstrates the changing tactics of some advanced attack groups.