Chinese state-sponsored actors are targeting global telecommunications and other critical infrastructure orgs. We’ve joined others worldwide to call these actors out and publish hunting & mitigation guidance to reduce this ongoing threat. https://t.co/saq1a0sT8o

Yesterday at #RSAC 2025, FBI Assistant Director Bryan Vorndran warned about the threat from North Korean remote IT workers, who gain employment with US companies to generate revenue for Pyongyang, exfiltrate proprietary and sensitive data, and conduct data extortion.

We joined @FBI @NSAGov & @NCSC to outline TTPs used by Russia's SVR (APT29) to target defense, tech & finance sectors globally. They scan for unpatched systems, gain access, and pivot to connected networks. Read the CSA for ways to protect your networks:

🚨We partnered with @FBI @USTreasury & @NCSC to expose cyber threats from Iran’s IRGC, targeting gov't, think tanks, journalists, activists, lobbyists & election officials' personal social accounts. ⚠️Stay informed:

Today CNMF joined @FBI @NSA & partners 🇬🇧🇦🇺🇨🇦🇳🇿 to issue a joint advisory on foreign state-sponsored actors using IoT devices to create a botnet positioned for malicious cyber activities. Read the full advisory, to include mitigation actions, here:

We joined US & international partners 🇳🇱🇨🇿🇩🇪🇪🇪🇱🇻🇺🇦🇨🇦🇦🇺🇬🇧 to issue a Cybersecurity Advisory on malware used by Russian-state affiliated cyber actors for espionage, theft/leakage of sensitive info & sabotage/data destruction. Read the full advisory here:

Read the FBI's full CSA report and take actions today to mitigate malicious cyber activity:

We joined @FBI @AIVD with Dutch & Canadian partners to warn of Russian state-sponsored actors using covert Meliorator software for disinformation campaigns. Read the FBI's CSA & take actions to improve your cybersecurity posture against this activity. https://t.co/CPgITV2o1Z

We joined US and international partners to publish a cybersecurity advisory highlighting Russian state-sponsored actor APT28’s compromise of EdgeRouters globally. Read more, to include actions users can take to keep APT28 out of their networks, here:

Russian-state linked cyber actor APT29 is adapting their tradecraft as more organizations move to the cloud. CNMF joined FVEY 🇬🇧🇦🇺🇨🇦🇳🇿🇺🇸 partners to expose the group’s TTPs & provide mitigation strategies. Read the CSA here:

Individuals associated with the Callisto Group, run by Russia’s Federal Security Service (FSB), conducted a sophisticated spear-phishing campaign targeting U.S. and foreign government entities. Have information on them? Send us a tip. You may be eligible for a reward.

CNMF joined US & international partners @NCSC, @CyberGovAU, @cybercentre_ca, @CISAgov, @FBI, @NSACyber & NCSC-NZ, releasing a joint CSA highlighting Russian-state actor Star Blizzard’s global spear-phishing campaigns & TTPs. Read the full advisory here: https://t.co/YEQb2LwfLp

REWARD! Up to $10M for information on Iranian malicious #cyber actors AHMADI, KHATIBI & NICKAEIN. They targeted U.S. critical infrastructure and compromised hundreds of computer networks across the U.S. and abroad. GOT A TIP? Contact RFJ today! https://t.co/jA8oZs65cQ

Read more about it here:

U.S. defensive cyber operators recently returned from @US_CYBERCOM’s second #DefendForward mission to #Lithuania where they hunted on key networks in close collaboration with @Lithuanian_MOD. #PartnershipsMatter because we are #StrongerTogether

@CISAgov @FBI @CISACyber @US_CYBERCOM Nation-state APTs used unauthorized admin credentials to move laterally within an organization’s networks. Take action today to protect your networks! Follow the mitigation actions outlined by @CISAgov & @FBI in the CSA:

Multiple nation-state APT actors are scanning internet-facing apps for vulnerabilities that can be easily exploited. Read the @CISAgov & @FBI advisory: https://t.co/nYkp809ztM @CISACyber @US_CYBERCOM

Russian intel FSB Center 16 has been using "Snake" implant as a cyber espionage tool for long-term intel collect against media, education, small businesses & CIKR in 50+ countries. Read the US/Allied Cybersecurity Advisory here: https://t.co/mUVyLR3Kyl

Make sure to save all your answers for the final #MathStatMonth challenge released 26 April. Best of luck to all!

It's #MathStatMonth and the #cybersecurity workforce from @DeptofDefense’s CNMF, along with private sector partners, created a series of crypto, steganography, and word challenges to flex your skills. https://t.co/LFopX4NjdU