Midnight Blizzard Conducts Large-Scale Spear-Phishing Campaign Utilizing RDP Files
Summary Since October 22, 2024, Microsoft Threat Intelligence has observed recorded activity of the Russian threat actor known as Midnight Blizzard conducting a sophisticated spear-phishing campaign aimed at individuals in various sectors, including government, academia, defense, and non-governmental organizations. This ongoing activity involves sending highly targeted emails, which include a signed Remote Desktop Protocol (RDP) configuration file…
Read More
