New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
Void Blizzard, a newly identified Russia-affiliated threat actor, has been conducting global cyberespionage operations since April 2024. Their primary targets are organizations in critical sectors, particularly in NATO member states and Ukraine, including government, defense, transportation, media, NGOs, and healthcare. The group employs tactics such as using stolen credentials, likely obtained from commodity infostealer ecosystems, and recently evolved to include targeted spear phishing for credential theft. Despite using unsophisticated techniques, Void Blizzard has been effective in gaining access and collecting large volumes of emails and files from compromised organizations. Their activities pose a significant risk to NATO member states and allies of Ukraine.
OPENCTI LABELS :
ukraine,nato,spear phishing,cyberespionage,evilginx,critical sectors,cve-2025-27920,azurehound,stolen credentials,russia-affiliated,cloud abuse
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage