BlueCharlie changes attack infrastructure in response to reports on its activity
Russia-linked APT group BlueCharlie was observed changing its infrastructure in response to recent reports on its activity. Researchers from Recorded Future reported that Russia-linked APT group BlueCharlie (aka Blue Callisto, Callisto, COLDRIVER, Star Blizzard (formerly SEABORGIUM), ColdRiver, and TA446) continues to change its attack infrastructure following recent reports on its activity. The APT group has […]
#BlueCharlie, associated with the Russia-nexus group Callisto/Calisto,
#COLDRIVER, and
#SEABORGIUM, continues to deploy new infrastructure in 2023 indicating sophistication in adapting to public disclosures and improving opsec:
https://www.recordedfuture.com/bluecharlie-previously-tracked-as-tag-53-continues-to-deploy-new-infrastructure-in-2023 
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023 | Recorded Future
Insikt Group tracks BlueCharlie, a Russia-nexus threat group that's evolving operations, with 94 new domains since March 2023.
To counter the threats posed by BlueCharlie, Recorded Future recommends that organizations should adopt phishing-resistant multi-factor authentication (MFA), disable macros by default in Microsoft Office, and enforce a frequent password reset policy.
#BlueCharlie #cybersecurity #Russia #cyberattacks
https://cybersec84.wordpress.com/2023/08/02/bluecharlie-russian-cyber-adversary-shifts-tactics-in-response-to-public-disclosures/
BlueCharlie, Russian Cyber Adversary, Shifts Tactics in Response to Public Disclosures
Recorded Future, a cybersecurity firm, has identified that the Russian-linked hacking crew, BlueCharlie, is taking proactive measures to modify its infrastructure in response to increased scrutiny …
securityaffairs
Julian-Ferdinand Vögele
Freemind