"The Russian Hacker Group Behind The SolarWinds Attack Is At It Again, Microsoft Says"

According to Microsoft, the group behind the SolarWinds attack, Nobelium, is now targeting technology companies that resell and provide cloud services for customers.  The researchers stated that Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.  The researchers noted that they believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers.  The researchers found that the group has not tried to find vulnerabilities in software but is using techniques like phishing and password spray to gain entry to the targeted networks.  

NPR reports: "The Russian Hacker Group Behind The SolarWinds Attack Is At It Again, Microsoft Says"