Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for Read More …

Cadet Blizzard emerges as a novel and distinct Russian threat actor

As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian Read More …

CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine

CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical Read More …

Destructive Malware Targeting Organizations in Ukraine

Leading up to Russia’s unprovoked attack against Ukraine, threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable. On January 15, 2022, the Microsoft Threat Intelligence Center (MSTIC) disclosed that malware, known as Read More …

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine

Since November, geopolitical tensions between Russia and Ukraine have escalated dramatically. It is estimated that Russia has now amassed over 100,000 troops on Ukraine’s eastern border, leading some to speculate that an invasion may come next. On Jan. 14, 2022, Read More …