SEARCH
Archive
Russian COLDRIVER Group Uses New Backdoor to Target Governments
The Russian APT known as COLDRIVER is using a new backdoor called SPICA in phishing campaigns against NGOs and governments.
CISA: Russian Threat Actors Exploiting TeamCity Flaw
U.S. government agencies warn that Russian threat actors have been exploiting a known vulnerability in TeamCity since late September.
U.S., UK Sanction Russian APT Members
The NSA, UK's National Cyber Security Centre (NCSC) and Microsoft detailed recent changes in TTPs from a known Russian threat group.
Russian Group Targeting Exchange Flaw
Fancy Bear, also known as APT28 and Forest Blizzard, has been targeting a Microsoft Exchange flaw (CVE-2023-23397) against targets in Poland.
State Actors Targeting WinRAR Flaw in Multiple Campaigns
APT groups from Russia and China are targeting CVE-2023-38831 in WinRAR in multiple campaigns, deploying custom and commodity malware.