Summary: Microsoft researchers have identified Russian intelligence agency Star Blizzard employing spear-phishing tactics that involve QR codes and WhatsApp group chats to target individuals, particularly those linked to government and defense sectors. The threat actor uses intentionally broken QR codes in emails to lure victims into joining WhatsApp groups, allowing them to access and exfiltrate sensitive information. Microsoft has issued warnings and recommendations for potential targets to enhance their security measures against these tactics.

Threat Actor: Star Blizzard | Star Blizzard
Victim: Various government and defense-related individuals | government and defense-related individuals

Keypoints :

• Star Blizzard has shifted its spear-phishing tactics to target WhatsApp users.
• The group sends emails with broken QR codes, leading victims to a malicious webpage.
• Microsoft recommends vigilance against unexpected emails and implementing security measures like Microsoft Defender for Endpoint.