Microsoft Sues Hacker Group for Data Theft of Highly Sensitive Information



Businesswoman holding tablet pc entering password. Security concept-2A new recently unsealed lawsuit against a North Korean hacker group shows how even the largest companies can be successfully attacked by phishing.

You’d think the world’s largest tech giant that both makes and uses their own cutting-edge security software would be the last company to be a victim of a data breach. But according to a new lawsuit, Microsoft is suing a hacker group known as Thallium or stealing valuable data.

According to the lawsuit, members of Thallium used spear phishing and impersonating legitimate Microsoft websites to compromise credentials, giving them access to “high-value” networks. Malware such as the BabyShark and KimJognRAT are alleged to have been used to provide remote access to systems and to exfiltrate data.

This lawsuit should be a warning to every organization; the company that make the software that stops the bad guys didn’t stop the bad guys! Based on the documented methods used (phishing) and results of the attacks (malware-infected endpoints), it’s evident that just as with every other organization in the world, you can’t 100% rely on security solutions. Eventually some measure of phishing emails make their way to the Inbox and are clicked on by users.

It’s imperative that the user become a part of the security strategy. By educating them with Security Awareness Training, users take on the same scrutinizing vigilance that already comes naturally to members of IT. Instead of falling victim, users become adept at spotting suspicious and potentially malicious email messages, stopping attacks in their tracks.


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/kmsat-security-awareness-training-demo



Subscribe To Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews