Microsoft Threat Intelligence has identified the “BadPilot campaign,” a subgroup of the Russian state actor Seashell Blizzard, which has been targeting global Internet-facing infrastructure since 2021. Utilizing various vulnerabilities, the group gains persistent access to high-value sectors, including energy and defense, employing techniques like credential theft and lateral movement to conduct extensive cyber operations and attacks.
Threat actors are leaning on trusted services more than ever
Researchers have observed that cyber threats are now using legitimate services as part of their attack strategy. This trend highlights the growing complexity and sophistication
