CISA, Microsoft, FBI, and security firms share awareness of a malicious SPAM based attack called “NOBELIUM”

Microsoft Announces New Campaign from NOBELIUM | CISA

New sophisticated email-based attack from NOBELIUM – Microsoft Security

Nobelium Resource Center – updated March 4, 2021

The Microsoft Threat Intelligence Center (MSTIC) has released information on the uncovering of a widespread malicious email campaign undertaken by the activity group that Microsoft tracks as NOBELIUM. NOBELIUM was initially identified in November 2020, during an intrusion at a major cybersecurity organization. Microsoft security researchers identify NOBELIUM as the actor responsible for the 2020 compromise of the SolarWinds Orion platform, and subsequent activity targeting other Microsoft customer networks and cloud assets.  CISA encourages users and administrators to review MSTIC’s blog post New sophisticated email-based attack from NOBELIUM and apply the necessary mitigations.