SEARCH
Archive
CISA Details Cloud-Focused Attack Techniques Used by APT29
CISA and some its foreign partner agencies are warning that APT29 is using a variety of techniques to target cloud services and accounts.
Russian COLDRIVER Group Uses New Backdoor to Target Governments
The Russian APT known as COLDRIVER is using a new backdoor called SPICA in phishing campaigns against NGOs and governments.
CISA: Russian Threat Actors Exploiting TeamCity Flaw
U.S. government agencies warn that Russian threat actors have been exploiting a known vulnerability in TeamCity since late September.
U.S., UK Sanction Russian APT Members
The NSA, UK's National Cyber Security Centre (NCSC) and Microsoft detailed recent changes in TTPs from a known Russian threat group.
Russian Group Targeting Exchange Flaw
Fancy Bear, also known as APT28 and Forest Blizzard, has been targeting a Microsoft Exchange flaw (CVE-2023-23397) against targets in Poland.