NSA, UK National Cyber Security Centre, and Partners Release Update About Russian 'Star Bl – National Security Agency

Official websites use .gov
Secure .gov websites use HTTPS

FORT MEADE, Md. – The National Security Agency (NSA) has joined the UK National Cyber Security Centre (NCSC-UK) and other partners in releasing the Cybersecurity Advisory (CSA), “Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-Phishing Campaigns,” to raise awareness of the specific spear-phishing techniques used by Star Blizzard to target individuals and organizations, including the U.S. government and Defense Industrial Base, and to provide guidelines to protect against the continued threat.   
 
Star Blizzard, formerly known as SEABORGIUM or BlueCharlie, is an organization with links to the Russian Federal Security Service (FSB) that targets specific individuals or groups perceived to have direct access to information of interest to Russia, including governmental organizations, the defense industry, academia, think tanks, NGOs, politicians, and others in the U.S. and UK, as well as targets in other NATO countries and countries neighboring Russia.

“Russia continues to be a threat. They continue to successfully use known spear-phishing techniques for intelligence gathering,” said Rob Joyce, Director of NSA’s Cybersecurity Directorate. “Those at risk should note that the FSB likes to target personal email accounts, where they can still get to sensitive information but often with a lower security bar.”

Following the previously published guidance in January 2023, the report details two new reported tactics, techniques, and procedures (TTPs) used by Star Blizzard to target individuals and organizations. The actor utilizes the open source framework EvilGinx, which enables them to harvest credentials and session cookies to successfully bypass multifactor authentication. According to the CSA, likely Star Blizzard activity expanded in 2022, to include defense and energy targets.

This advisory outlines mitigations to defend against Star Blizzard activity. These mitigations include using strong passwords, using multifactor authentication (MFA), completing network and device updates, exercising vigilance in identifying suspicious emails and links, enabling automated email scanning features, and disabling mail forwarding.
 
Read the full report here.
 
Visit our full library for more cybersecurity information and technical guidance.
NSA Media Relations
MediaRelations@nsa.gov
443-634-0721
Civil Liberties, Privacy, & Transparency Office

source

Related Posts

After 6 months and little explanation, Norton Healthcare patients, employees still feeling effects of cyber attack – WDRB

Spotty shower possible. Storms after midnight Updated: April 16, 2024 @ 12:31 pmNorton Healthcare, a company serving about 600,000 patients a year with nearly $5 billion in assets, continues to…

Read more

CA's top cybersecurity job has been vacant for almost 2 years – CalMatters

Technology Californians get hacked all the time. The state’s top cybersecurity job is vacant In summaryGov. Newsom has yet to appoint a commander who is tasked with informing businesses and…

Read more

13 Cyber Security Measures Your Small Business Must Take – Tech.co

Our content is funded in part by commercial partnerships, at no extra cost to you and without impact to our editorial impartiality. Click to Learn MoreCybersecurity has been important to…

Read more

AVG Antivirus Free review – Ghacks

AVG AntiVirus Free is a longstanding security program for Microsoft Windows that protects computer systems from viruses, trojans and other malicious code.One interesting fact about AVG is that it maintains…

Read more

Vlog Episode #247: Chris Long on Improving Technical SEO Skills & Playing Offense SEO – Search Engine Roundtable

In part one, we learned about Chris Long and his experience working with Bill Slawski. Then, in part two, we spoke about helping people with SEO on LinkedIn and using…

Read more

Information Security Vs. Cybersecurity: What's The Difference? – Forbes

Information Security Vs. Cybersecurity: What’s The Difference?  Forbessource

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *