Threat Intelligence / Actor / APT29 / Midnight Blizzard (IRON TWILIGHT cluster)
APT29 / Midnight Blizzard (IRON TWILIGHT cluster)
Also known as: Cozy Bear, Midnight Blizzard, Nobelium, IRON TWILIGHT, UNC2452, The Dukes, APT29, IRON RITUAL, IRON HEMLOCK, NobleBaron, Dark Halo, YTTRIUM
Tracked threats
Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier). View plans →