Hero Banner

Partner Compliance Forum

Join our Microsoft Partner Compliance discussion forum to connect with other partners, Microsoft, and compliance experts.


Alert: Guidance for partners on Nobelium targeted attacks

Situation summary 

The Microsoft Threat Intelligence Center (MSTIC) has detected nation-state activity attempting to gain access to customer data and information of multiple cloud service providers, managed service provider (MSP) partners, and other IT services organizations that use delegated administrative privileges or other elevated credentials to administer customer environments. 


This situation is not the result of a security vulnerability but rather the attacker using a diverse and dynamic toolkit consisting of malware, social engineering and phishing to gain initial access, leveraging trusted relationships to gain access to downstream customers.



Microsoft has published guidance for partners, along with other information, to help you understand the situation and act:

If after reviewing the above listed materials you have questions about this issue or the guidance, please create and submit a support ticket within Partner Center.