Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The attacks, observed since mid-January 2025, involve three distinct groups: “CozyLarch (APT29),” “UTA0304,” and “UTA0307.” The threat actors impersonate officials from organizations like the US Department of State, Ukrainian […]
The post Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication appeared first on Cyber Security News.
This article has been indexed from Cyber Security News