Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware
ID: 341852c1-8463-5bcf-be7e-4018380b4b5a
STIX ID: report--341852c1-8463-5bcf-be7e-4018380b4b5a
Feed Name: Google's Threat Analysis Group (TAG)
Google TAG reports that the Russian-linked COLDRIVER (UNC4057/Star Blizzard) group, long focused on credential phishing of high-profile targets, has evolved to include malware delivery using PDF lures; TAG disrupted recent campaigns and added known domains and hashes to Safe Browsing blocklists.
