YTTRIUM

Yttrium, also known as APT29, CozyBear, UNC2452, NOBELIUM, and Midnight Blizzard, is a prominent threat actor in the cybersecurity landscape. This group has been attributed to several significant cyber-attacks, with its activities largely overlapping with those attributed to APT29 or CozyBear, according to third-party security researchers. The group is believed to be sponsored by the Russian Foreign Intelligence Service. However, Microsoft has indicated that there isn't sufficient evidence yet to conclusively attribute certain campaigns to Yttrium, highlighting the complexity and ambiguity often involved in attributing cyber threats. In addition to being a name for a threat group, Yttrium (formerly Digital+ Partners) is also a leading technology growth equity investor based in Frankfurt, Munich, and London. It focuses exclusively on B2B technology companies, leveraging a deep corporate network to help portfolio companies access new markets and build partnerships. Yttrium aims to support ambitious entrepreneurs to build global technology leaders by providing strategic advice and long-term financial support to help them define and execute their growth plans. Following the Summa investment, Yttrium will remain a significant minority shareholder in Logpoint, demonstrating its ongoing commitment to supporting its portfolio companies. The variety of names used to identify these groups, including at least eight names for an Iranian group that Microsoft named PHOSPHORUS and 15 names for the Russian group known as Cozy Bear, highlights the lack of standardization in naming conventions within the cybersecurity industry. The same group can be referred to differently by different entities, such as CrowdStrike's Cozy Bear, Mandiant's UNC2452 and APT29, and Microsoft's NOBELIUM and YTTRIUM. This discrepancy can lead to confusion and differing conclusions in threat analysis, underscoring the need for further coordination and standardization in the field.