CISA and some its foreign partner agencies are warning that APT29 is using a variety of techniques to target cloud services and accounts.
The Russian APT known as COLDRIVER is using a new backdoor called SPICA in phishing campaigns against NGOs and governments.
U.S. government agencies warn that Russian threat actors have been exploiting a known vulnerability in TeamCity since late September.
The NSA, UK's National Cyber Security Centre (NCSC) and Microsoft detailed recent changes in TTPs from a known Russian threat group.
Fancy Bear, also known as APT28 and Forest Blizzard, has been targeting a Microsoft Exchange flaw (CVE-2023-23397) against targets in Poland.