It is good to be selective in choosing your LinkedIn connections. My golden rule has always been: have I worked with or met this person before, and would I work or meet with them again? With SEABORGIUM and TA453 running active spear-phishing campaigns, this is even more important.

The UK National Cyber Security Centre says that Russia-based SEABORGIUM and Iran-based TA453 actors are still using spear-phishing attacks to gather information from targeted organizations and individuals in the UK and elsewhere.

Even though the tactics, techniques, procedures, and targeting profiles are similar, these campaigns are different, and the two groups are not working together.

My top tips for you.
1. Only accept connections from people you actually know.
2. Re-evaluate your list of connections and consider whether each connection is truly part of your network.
3. Check your privacy settings.
4. Trust, but verify!

https://www.ncsc.gov.uk/news/spear-phishing-campaigns-targets-of-interest

#cybersecurity #infosec #spearphishing #linkedin #SEABORGIUM #TA453

PwC's #threatintel team published our reporting on Russia-based TA #BlueCallisto (aka #TAG53 #SEABORGIUM #Callisto). Though they have included Ukrainian targeting in their operations, they've maintained a focus on US government organizations including the US National Labs.

Reporting here:
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/blue-callisto-orbits-around-us.html

(Recorded Future also published research on the same actor who they call #TAG53
https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations)

(also posted on the bird site)