Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file. “Based on our investigation of previous Midnight Blizzard spear-phishing campaigns, we assess that the goal of this operation is likely intelligence collection,” Microsoft’s threat analysts say. Midnight Blizzard Midnight Blizzard (aka Cozy Bear, APT29, and UNC2452) … More

The post Russian hackers deliver malicious RDP configuration files to thousands appeared first on Help Net Security.