Emergency Response for Computers A new malicious email campaign that targets government agencies, businesses, and military organizations has been described by Team of Ukraine. The campaign has been linked by CERT-UA to UAC-0215, a threat actor it monitors. In a separate advisory, Amazon Web Services (AWS) connected it to the Russian nation-state hacker collective APT29.

The organization also issued a warning about a massive cyberattack that was intended to steal Ukrainian users' private data. The cyberattacks against Ukraine coincide with a Bloomberg report that described how Russia's Federal Security Service (FSB) and military intelligence agency targeted Georgia's government and infrastructure in 2017 as part of a series of online intrusions. The agency claims that some of the attacks, which have been linked to the period between August 2024 and 2020, are likely to spread beyond Ukraine and target other nations.

Microsoft: APT29 is targeting people in government, academia, defense, non-governmental organizations, and other sectors with a series of spear-phishing emails. Since October 22, the activity has continued, and it is estimated that thousands of targets in more than 100 organizations in the UK, Europe, Australia, and Japan have received the emails. America.

In an advisory, the Cybersecurity and Infrastructure Security Agency (CISA) stated that it has received numerous reports of an ongoing "large-scale spear-phishing campaign" that targets a number of industries, including government and information technology (IT). The advisory also comes after the Dutch government released a new report warning of an increase in cyberattacks against Dutch organizations by nation-state threat actors from China and Russia. Most of these attacks remain in critical infrastructure networks for possible future sabotage, and their main goal is to obtain sensitive information.