Recently, Microsoft released public guidance regarding a series of targeted attacks coordinated by the Russian linked hacking group Nobelium. Nobelium is the state sponsored group that is thought to have facilitated the massive attacks on the company SolarWinds that was first reported to the public in 2020.
As we have seen with attacks of a similar nature, the action that Microsoft recommends for all users immediately is to activate Two Factor Authentication (2FA) aka Multi Factor Authentication (MFA) on any and all systems that allow the use of such a feature.
These Nobelium attacks are typically delivered via spear-phishing email campaigns where they trick users into clicking on a malicious link and entering their Microsoft 365 user credentials to gain access to your systems.
editorial source InfoAxis, an IT partner of Broadfield Insurance