New Blog Post | Breaking down NOBELIUM’s latest early-stage toolset

%3CLINGO-SUB%20id%3D%22lingo-sub-2404314%22%20slang%3D%22en-US%22%3ENew%20Blog%20Post%20%7C%20Breaking%20down%20NOBELIUM%E2%80%99s%20latest%20early-stage%20toolset%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2404314%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22JasonCohen1892_0-1622559188559.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F285339i9F2128D084EDF107%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22JasonCohen1892_0-1622559188559.png%22%20alt%3D%22JasonCohen1892_0-1622559188559.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2021%2F05%2F28%2Fbreaking-down-nobeliums-latest-early-stage-toolset%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EBreaking%20down%20NOBELIUM%E2%80%99s%20latest%20early-stage%20toolset%20-%20Microsoft%20Security%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EIn%20this%20blog%2C%20we%20highlight%20four%20tools%20representing%20a%20unique%20infection%20chain%20utilized%20by%20NOBELIUM%3A%20EnvyScout%2C%20BoomBox%2C%20NativeZone%2C%20and%20VaporRage.%20These%20tools%20have%20been%20observed%20being%20used%20in%20the%20wild%20as%20early%20as%20February%202021%20attempting%20to%20gain%20a%20foothold%20on%20a%20variety%20of%20sensitive%20diplomatic%20and%20government%20entities.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2404314%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECloud%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EThreat%20Protection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

JasonCohen1892_0-1622559188559.png

Breaking down NOBELIUM’s latest early-stage toolset - Microsoft Security

In this blog, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. These tools have been observed being used in the wild as early as February 2021 attempting to gain a foothold on a variety of sensitive diplomatic and government entities.

0 Replies