SOCRadar this week released research diving a new cyber campaign by Storm-2372, a Russian state-backed group which has recently been exploiting device code phishing to bypass MFA and infiltrate high value targets such as government, defense, healthcare, and financial institutions across the US, UK, and more.
In this blog, the researchers outline what device code phishing is, how it works, who is being targeted, key indicators of compromise, as well as mitigation strategies.
For full details, the research can be read here: https://socradar.io/storm-2372-russian-apt-using-device-code-phishing-in-advanced-attacks/
Related
This entry was posted on April 11, 2025 at 10:25 am and is filed under Commentary with tags SOCRadar. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Storm-2372: Russian APT Using Device Code Phishing in Advanced Attacks
SOCRadar this week released research diving a new cyber campaign by Storm-2372, a Russian state-backed group which has recently been exploiting device code phishing to bypass MFA and infiltrate high value targets such as government, defense, healthcare, and financial institutions across the US, UK, and more.
In this blog, the researchers outline what device code phishing is, how it works, who is being targeted, key indicators of compromise, as well as mitigation strategies.
For full details, the research can be read here: https://socradar.io/storm-2372-russian-apt-using-device-code-phishing-in-advanced-attacks/
Share this:
Like this:
Related
This entry was posted on April 11, 2025 at 10:25 am and is filed under Commentary with tags SOCRadar. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.