Russian hacking group behind SolarWinds Orion attack has been perfecting its email-based attacks over the past few months to plant backdoors inside organizations. The group, known in the security industry as APT29, Cozy Bear, The Dukes and Nobelium, has been tied to the Russian Foreign Intelligence Service (SVR) by the US and UK governments. Around a quarter of Nobelium’s targets were organizations involved in international development, humanitarian, and human rights work. Microsoft has released indicators of compromise for the campaigns as well as a set of recommendations for users using Microsoft Defender Antivirus.”]