Microsoft has seized a number of malicious sites which were targeting organisations based in 29  countries worldwide. The sites were used by the Nickle hacking group. Nickle is a China-based group also tracked as Playful Dragon, Royal APT, APT15, KE3CHANG and Vixen Panda.
The group compromised serves belonging to diplomatic entities, government organisations and NGOs based in 29 countries, but mainly organizations from Latin America and Europe. Microsoft’s Digital Crimes Unit (DCU) spotted the group in 2016, and their activity has been seen targeting government bodies since 2019. In the campaign, Nickle was using spearphishing attacks to access credentials stolen from compromsed third-party VPNs and exploiting unpatched SharePoint and Exchange Server to hack into networks.
Following the takedown Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft said that “no individual action from Microsoft or anyone else in the industry will stem the tide of attacks we’ve seen from nation-states and cybercriminals working within their borders. We need industry, governments, civil society and others to come together and establish a new consensus for what is and isn’t appropriate behaviour in cyberspace. “
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source