Sign up for our daily briefing

Make your busy days simpler with the Axios AM and PM newsletters. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to the Axios Closer newsletter for insights into the day’s business news and trends and why they matter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios Pro Rata

Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with the Axios Sports newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with the Axios Des Moines newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with the Axios Tampa Bay newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Austin news?

Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Atlanta news?

Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Philadelphia news?

Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Chicago news?

Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top DC news?

Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Russian President Vladimir Putin during a video message to the Russian Congress on May 27. Photo: Sergei Ilyin/AFP via Getty Image

The same Russian hackers behind the massive SolarWinds breach have launched a new wave of cyberattacks targeting government agencies, think tanks, consultants and NGOs, Microsoft disclosed late Thursday night.

Why it matters: The revelation of the ongoing attack comes less than two months after the U.S. imposed sanctions and expelled Russian diplomats in response to the SolarWinds hack, described by Microsoft as the "most sophisticated attack the world has ever seen."

  • The new breach was discovered just weeks before President Biden is set to hold his first in-person summit with Russian President Vladimir Putin in Geneva, and comes on the heels of other Russian-backed cyber espionage campaigns.

Microsoft said the hacking group Nobelium, which is linked to Russia’s main intelligence agency, was behind the attack.

  • The Kremlin-linked hacking group took control of a U.S. Agency for International Development account and sent legitimate-looking emails containing malicious files to international human rights groups and humanitarian organizations, according to Microsoft.
  • Microsoft, which monitors for malicious activity on the internet, said this attack "differs significantly" from the SolarWinds breach, with the hackers appearing to use newer tools and tradecraft.

How it works: Nobelium gained access to USAID's Constant Contact email marketing account, allowing the group to send malicious emails that appeared to come from genuine government addresses to 3,000 emails across more than 150 organizations.

  • The emails contained a "backdoor" through which the hacks could steal data and infect other computers on a network. Some of the emails were flagged by automated email threat detection systems, but some may have been successfully delivered.
  • Many of the organizations targeted have been critical of Putin and have revealed and condemned Russian action against dissidents, including the poisoning and jailing of opposition leader, Alexei Navalny, according to the New York Times.
An example of a phishing email meant to resemble a legitimate email from USAID. Screenshot: Microsoft

What they're saying: A spokesperson for the Cybersecurity and Infrastructure Security Agency told the Times Thursday that the agency was “aware of the potential compromise, and that it was working with USAID and the FBI "to better understand the extent of the compromise and assist potential victims.”

  • "First, when coupled with the attack on SolarWinds, it’s clear that part of Nobelium’s playbook is to gain access to trusted technology providers and infect their customers," Tom Burt, a Microsoft vice president, wrote in a blog post Thursday.
  • "By piggybacking on software updates and now mass email providers, Nobelium increases the chances of collateral damage in espionage operations and undermines trust in the technology ecosystem," Burt added.
  • “At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work."

The big picture: The attack suggests Russia is not slowing its hacking campaigns against the U.S. government and U.S.-based companies, despite new sanctions.

Go deeper

Microsoft identifies new Russian cyberattack on rights groups

Illustration: Aïda Amer/Axios

The same Russia-based "threat actor" responsible for last winter's Solarwinds attack is at it again, according to a Microsoft report posted late Thursday — this time, targeting human rights and international aid groups.

By the numbers: The attackers, whom Microsoft refers to as Nobelium, targeted roughly 3000 email accounts at 150 organizations in 24 countries, including "government agencies, think tanks, consultants, and non-governmental organizations." The largest share of attacks hit U.S. organizations.

Updated 11 mins ago - Politics & Policy

Omicron dashboard

Illustration: Brendan Lynch/Axios

  1. Health: Pfizer and Moderna boosters overwhelmingly prevent Omicron hospitalizations, CDC finds — Omicron pushes COVID deaths toward 2,000 per day — The pandemic-proof health care giant.
  2. Vaccines: The case for Operation Warp Speed 2.0 — Starbucks drops worker vaccine or test requirement after SCOTUS ruling — Kids' COVID vaccination rates are particularly low in rural America.
  3. Politics: Biden concedes U.S. should have done more testing — Arizona says it "will not be intimidated" by Biden on anti-mask school policies — Federal judge blocks Biden's vaccine mandate for federal workers.
  4. World: American Airlines flight to London forced to turn around over mask dispute — WHO: COVID health emergency could end this year — Greece imposes vaccine mandate for people 60 and older — Austria approves COVID vaccine mandate for adults.
  5. Variant tracker

Arizona governor sues Biden administration over COVID funds tied to mandates

A teacher prepares a hallway barrier to help students maintain social distancing at John B. Wright Elementary School in Tucson, Arizona, on Aug. 14, 2020. Photo: Cheney Orr/Bloomberg via Getty Images

Arizona Gov. Doug Ducey (R) filed a lawsuit Friday against the Biden administration for ordering the state to stop allocating federal COVID relief funds to schools that don't comply with public health recommendations such as masking, the Arizona Republic reports.

Why it matters: The Treasury Department said last week that the state would have to pay back the money if Ducey does not redesignate the $173 million programs to ensure they don't "undermine efforts to stop the spread of COVID-19."