US, Allies Highlight Russian-State Cyber Actor “Star Blizzard” Spear-phishing Campaigns – United States Cyber Command

Official websites use .mil
Secure .mil websites use HTTPS

By Cyber National Mission Force Public Affairs Cyber National Mission Force
U.S. Cyber Command’s Cyber National Mission Force, alongside interagency and foreign partners, issued a joint Cybersecurity Advisory highlighting advanced spear-phishing campaigns and tactics and techniques from the Russia-based malicious cyber actor Star Blizzard (formerly known as SEABORGIUM; also known as Callisto Group, TA446, COLDRIVER, TAG-53, and/or BlueCharlie).
The United Kingdom’s National Cyber Security Centre, joined by the Australian Cyber Security Centre, Canadian Centre for Cyber Security, New Zealand National Cyber Security Centre, and U.S. government interagency partners at the Cybersecurity and Infrastructure Security Agency, FBI, the National Security Agency, and CNMF, released the joint CSA, “Russia FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns,” Dec. 7, to raise public awareness of the specific and targeted spearphishing techniques used by Star Blizzard to target individuals and organizations.
Since 2019, the group, linked to Russian Federal Security Service Center 18, has targeted sectors including academia, defense, governmental organizations, non-governmental organizations, think tanks, and high-profile individuals. Targets in the U.K. and U.S. appear to have been most affected; however, their activities have also been observed against targets in various NATO countries and countries neighboring Russia.
Star Blizzard is known to use open-source resources to conduct reconnaissance, including social media and professional networking platforms, hooking their targets, building trust, and ultimately attempting to gain access to their targets’ email accounts. Once they gain access, Star Blizzard is known to set up mail forwarding rules, granting ongoing visibility of a victim’s correspondence and contact lists, utilizing this information and accesses for follow-on targeting and phishing activities.
Although spear-phishing is an established technique used by many actors, Star Blizzard has successfully evolved their use and technique to maintain this capability. Individuals and organizations from previously targeted sectors should be vigilant of the techniques above.
For more information on the group’s tactics and techniques, as well as mitigation actions, read the full report here.

source

Related Posts

After 6 months and little explanation, Norton Healthcare patients, employees still feeling effects of cyber attack – WDRB

Spotty shower possible. Storms after midnight Updated: April 16, 2024 @ 12:31 pmNorton Healthcare, a company serving about 600,000 patients a year with nearly $5 billion in assets, continues to…

Read more

CA's top cybersecurity job has been vacant for almost 2 years – CalMatters

Technology Californians get hacked all the time. The state’s top cybersecurity job is vacant In summaryGov. Newsom has yet to appoint a commander who is tasked with informing businesses and…

Read more

13 Cyber Security Measures Your Small Business Must Take – Tech.co

Our content is funded in part by commercial partnerships, at no extra cost to you and without impact to our editorial impartiality. Click to Learn MoreCybersecurity has been important to…

Read more

AVG Antivirus Free review – Ghacks

AVG AntiVirus Free is a longstanding security program for Microsoft Windows that protects computer systems from viruses, trojans and other malicious code.One interesting fact about AVG is that it maintains…

Read more

Vlog Episode #247: Chris Long on Improving Technical SEO Skills & Playing Offense SEO – Search Engine Roundtable

In part one, we learned about Chris Long and his experience working with Bill Slawski. Then, in part two, we spoke about helping people with SEO on LinkedIn and using…

Read more

Information Security Vs. Cybersecurity: What's The Difference? – Forbes

Information Security Vs. Cybersecurity: What’s The Difference?  Forbessource

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *