Nobelium cyberattacks targeting IT and government organizations


Hacking group Nobelium which has caused concern for a lot of companies all over the world due to its ongoing malicious activity and sophisticated phishing attacks, is once again targeting IT and government organizations in various countries.
Information-stealing malware was found on a device belonging to one of Microsoft's employees with access to account information for a small number of their customers, and the attacker has used the information in some cases to launch highly targeted attacks as part of a broader campaign.


  • Password spray and brute force attacks are being carried out against multiple organizations, but its malicious activity has been mostly unsuccessful. 


  • Deploy a Zero Trust security model. Zero Trust requires strict identity verification for every user and device when attempting to access resources on a network. It also provides the ability to limit a user's access once inside the network.
  • Enable multi-factor authentication with granular identity and access management configurations.
  • Take a proactive approach in making frequent backups of important data offsite. 
  • Use strong and different passwords for every server and change them regularly.
  • Frequent update of operating system, applications, and every network device.
  • Enable security alerts about links and files from suspicious websites.