According to Microsoft, the group is targeting technology companies that resell and provide cloud services and has been using phishing and password spray to gain entry to targeted networks.
Screenshots of the malicious email show that it purports to be a special alert from the government. "Donald Trump has published new documents on election fraud," the message declares.
An attack shuts down Colonial Pipeline, a major transporter of gasoline along the East Coast. A security analyst says the event shows the vulnerability of key elements of the nation's infrastructure.
Russian hackers exploited gaps in U.S. defenses and spent months in government and corporate networks in one of the most effective cyber-espionage campaigns of all time. This is how they did it.
President Biden is ordering a new round of economic sanctions that include restrictions on dozens of Russian entities and the expulsion of some Kremlin diplomats.
Microsoft previously said it was among thousands of companies that discovered malware on its systems. But now it is revealing the attack allowed hackers to access its closely guarded source code.
The malware-infused SolarWinds software update, blamed on Russian state actors, appears to have infected computers more broadly than previously acknowledged.
A day after the secretary of state became the highest-ranking administration official to blame Russia for a vast hack of multiple U.S. agencies, the president suggested someone else may be to blame.