"The Microsoft Threat Intelligence Center is tracking new activity from the NOBELIUM threat actor. Our investigation into the methods and tactics being used continues, but we have seen password spray and brute-force attacks and want to share some details to help our customers and communities protect themselves," the statement said.
The company specified that the activity was targeted at specific customers, mostly IT companies (57%) and government bodies (20%). It was mainly focused on the United States (around 45%) and the United Kingdom, Germany, Canada as well.
In May, Microsoft already reported on Nobelium group's attacks against 150 government agencies, think tanks, consultants, and non-governmental organizations in the US as well as more than 20 countries. The company links the group with Russia and supposes that it was behind hacking software made by SolarWinds in December 2020.