Russian intel FSB Center 16 has been using "Snake" implant as a cyber espionage tool for long-term intel collect against media, education, small businesses & CIKR in 50+ countries. Read the US/Allied Cybersecurity Advisory here: media.defense.gov/2023/May/09/20…

REWARD! Up to $10M for information on Iranian malicious #cyber actors AHMADI, KHATIBI & NICKAEIN. They targeted U.S. critical infrastructure and compromised hundreds of computer networks across the U.S. and abroad. GOT A TIP? Contact RFJ today! ow.ly/4NzM50KHhC1

Individuals associated with the Callisto Group, run by Russia’s Federal Security Service (FSB), conducted a sophisticated spear-phishing campaign targeting U.S. and foreign government entities. Have information on them? Send us a tip. You may be eligible for a reward.

CNMF joined US & international partners NCSC UK, @CyberGovAU, Canadian Centre for Cyber Security, Cybersecurity and Infrastructure Security Agency, FBI, NSA Cyber & NCSC-NZ, releasing a joint CSA highlighting Russian-state actor Star Blizzard’s global spear-phishing campaigns & TTPs. Read the full advisory here: ncsc.gov.uk/pdfs/news/star…

Russian-state linked cyber actor APT29 is adapting their tradecraft as more organizations move to the cloud. CNMF joined FVEY 🇬🇧🇦🇺🇨🇦🇳🇿🇺🇸 partners to expose the group’s TTPs & provide mitigation strategies. Read the CSA here: ncsc.gov.uk/files/Advisory…

We joined US and international partners to publish a cybersecurity advisory highlighting Russian state-sponsored actor APT28’s compromise of EdgeRouters globally. Read more, to include actions users can take to keep APT28 out of their networks, here: media.defense.gov/2024/Feb/27/20…

We joined FBI AIVD with Dutch & Canadian partners to warn of Russian state-sponsored actors using covert Meliorator software for disinformation campaigns. Read the FBI's CSA & take actions to improve your cybersecurity posture against this activity. ic3.gov/Media/News/202…

We joined US & international partners 🇳🇱🇨🇿🇩🇪🇪🇪🇱🇻🇺🇦🇨🇦🇦🇺🇬🇧 to issue a Cybersecurity Advisory on malware used by Russian-state affiliated cyber actors for espionage, theft/leakage of sensitive info & sabotage/data destruction. Read the full advisory here: ic3.gov/Media/News/202…

Today CNMF joined FBI @NSA & partners 🇬🇧🇦🇺🇨🇦🇳🇿 to issue a joint advisory on foreign state-sponsored actors using IoT devices to create a botnet positioned for malicious cyber activities. Read the full advisory, to include mitigation actions, here: media.defense.gov/2024/Sep/18/20…

🚨We partnered with FBI Treasury Department & NCSC UK to expose cyber threats from Iran’s IRGC, targeting gov't, think tanks, journalists, activists, lobbyists & election officials' personal social accounts. ⚠️Stay informed: ic3.gov/Media/News/202…

We joined FBI NSA/CSS & NCSC UK to outline TTPs used by Russia's SVR (APT29) to target defense, tech & finance sectors globally. They scan for unpatched systems, gain access, and pivot to connected networks. Read the CSA for ways to protect your networks: ic3.gov/Media/News/202…

Yesterday at #RSAC 2025, FBI Assistant Director Bryan Vorndran warned about the threat from North Korean remote IT workers, who gain employment with US companies to generate revenue for Pyongyang, exfiltrate proprietary and sensitive data, and conduct data extortion.

Chinese state-sponsored actors are targeting global telecommunications and other critical infrastructure orgs. We’ve joined others worldwide to call these actors out and publish hunting & mitigation guidance to reduce this ongoing threat. media.defense.gov/2025/Aug/22/20…