Microsoft Warns of Russian Spear-Phishing Attacks on U.S. Officials

The hacking group Midnight Blizzard, linked to Russia's intelligence service, targets U.S. sectors ahead of the 2024 presidential election.

Microsoft identified Midnight Blizzard, a Russian government-backed group, as responsible for a new spear-phishing campaign targeting U.S. government officials and other sectors.
The attacks involve emails with signed Remote Desktop Protocol files, which connect to servers controlled by the hackers, potentially compromising sensitive information.
Microsoft's threat intelligence indicates the primary goal of these attacks is intelligence collection through espionage.
Midnight Blizzard, also known as APT29, has a history of cyber-attacks, including the 2020 SolarWinds breach, and continues to target entities in the U.S. and Europe.
The campaign raises concerns about foreign interference in U.S. democratic processes, with additional reports of Russian disinformation efforts targeting political figures.