New data from Microsoft shows that Nobelium, Thallium, and other nation-state attack groups are increasingly focusing on government agencies and NGOs.
Microsoft said that the threat group has used phishing and password-spraying attacks to compromise at least 14 IT service providers this year.
Microsoft issued a fix for a use-after-free Windows vulnerability that was being leveraged in attacks, as part of its October Patch Tuesday roundup.
A new group with ties to the Iranian government is conducting a password-spraying campaign against Office 365 accounts.
The Nobelium attackers, who are responsible for the SolarWinds intrusion, have been deploying a new backdoor called FoggyWeb in targeted attacks.