Found 9 bookmarks
Custom sorting
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This is the first time we have identified a shift in Star Blizzard’s longstanding tactics, techniques, and procedures (TTPs) to leverage a […]
#microsoft#Threat#Intelligence#Star-Blizzard#WhatsApp#spear-phishing#campaign#research
·microsoft.com·
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
Amazon identified internet domains abused by APT29
Amazon identified internet domains abused by APT29
APT29 aka Midnight Blizzard recently attempted to phish thousands of people. Building on work by CERT-UA, Amazon recently identified internet domains abused by APT29, a group widely attributed to Russia’s Foreign Intelligence Service (SVR). In this instance, their targets were associated with government agencies, enterprises, and militaries, and the phishing campaign was apparently aimed at […]
#amazon#EN#2024#APT29#MidnightBlizzard#attribution#rdp#spear-phishing
·aws.amazon.com·
Amazon identified internet domains abused by APT29
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight […]
#microsoft#EN#2024#APT29#MidnightBlizzard#rdp#spear-phishing
·microsoft.com·
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Analysis of the Phishing Campaign: Behind the Incident
Analysis of the Phishing Campaign: Behind the Incident
See the results of our investigation into the phishing campaign encountered by our company and get information to defend against it.  Here are some key findings: We found around 72 phishing domains pretending to be real or fake companies. These domains created believable websites that tricked people into sharing their login details. The attack was sophisticated, using advanced techniques like direct human interaction to deceive targets. We analyzed several fake websites and reverse-engineered their web-facing application. At the end of the post, you will find a list of IOCs that can be used for improving your organization’s security.
#any.run#EN#2024#incident#phishing#spear-phishing#IoCs
·any.run·
Analysis of the Phishing Campaign: Behind the Incident
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns | CISA
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns | CISA
The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organizations and individuals in the UK, and other geographical areas of interest, for information-gathering activity. The UK National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA), the US Cyber National Mission Force (CNMF), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ) assess that Star Blizzard is almost certainly subordinate to the Russian Federal Security Service (FSB) Centre 18.
#cisa#EN#2023#US#Russia#FSB#Star-Blizzard#SEABORGIUM#spear-phishing#attacks#UK
·cisa.gov·
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns | CISA