The same group behind the SolarWinds supply-chain attacks has been targeting Microsoft s corporate networks. U.S.-based IT and government organizations have been targeted by the Nobelium state-sponsored group. The group stole customer-service-agent credentials to gain access and launch attacks against Microsoft customers. Microsoft found 45 percent of their customers who were targeted in the attacks are in the United States out of those, 57 percent are IT companies and 20 percent are government agencies. The attacks are no longer a nuisance, but instead represent a real and significant threat to our national security.
Source: https://threatpost.com/russian-attackers-breach-microsoft/167340/