https://campbell.scot/tags/nobelium/ Recent content in Nobelium on Ru Campbell MVP Hugo en-gb Fri, 24 Dec 2021 19:37:50 +0000 https://campbell.scot/exploring-microsoft-365s-nobelium-defence-capabilities/ Fri, 24 Dec 2021 19:37:50 +0000 https://campbell.scot/exploring-microsoft-365s-nobelium-defence-capabilities/ <p>I recently read through an <a href="https://www.mandiant.com/resources/russian-targeting-gov-business">excellent article by Mandiant</a>, which recently split with FireEye, on their findings and analysis of the continued actions of suspected nation-state actor NOBELIUM.  This group appeared on most IT pro&rsquo;s radar because of their SolarWinds&rsquo; software supply chain.  You are probably familiar with it by now, but if not, the tl;dr is that SolarWinds&rsquo; Orion IT software was &ldquo;trojanised&rdquo; via an attack on their software supply chain.  Orion is (probably now &ldquo;was&rdquo;) used by enterprise customers to monitor their servers, network, etc, so not only was SolarWinds compromised, so too potentially were its customers.</p>