Russia-based threat group APT29, or Cozy Bear, is back at it, this time with a large-scale phishing campaign targeting US organizations across multiple sectors. The tactics, techniques, and procedures being used in the campaign, as well as the targeting, are similar to those used by the group shortly after the US general elections in November 2016. FireEye says it is still analyzing the activity and does not have conclusive attribution yet, but there’s enough overlap between the campaign and the one in 2016 to strongly suggest that APT 29 is behind it.”]