2007, Access, Military and Phishing - Information Management Today

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

APT28 deployed GooseEgg to gain elevated access to target systems and steal credentials and sensitive information. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The vulnerability CVE-2022-38028 was reported by the U.S.

Military

Military File names Education Phishing

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Emerging in 2007 as a banking trojan, QakBot (a.k.a. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders. Documents published by the DOJ in support of today’s takedown state that beginning on Aug.

Ransomware

Ransomware Government Military Access

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military

Military Government Phishing Authentication

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Phishing Access

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Systems administration

Systems administration Military Phishing Government

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military.

Phishing

Phishing Military Government Passwords

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. ” concludes the report.

Phishing

Phishing Healthcare Military Data collection

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. ” reads the joint advisory.

Military

Military Access Cybersecurity Education

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

.” The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Most of APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Military

Military IoT Phishing Government

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Most of APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Military

Military Government Phishing Security

Russian APT groups target European governments ahead of May Elections

Security Affairs

MARCH 22, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.

Government

Government Military Phishing Access

NATO and the EU formally condemned Russia-linked APT28 cyber espionage

Security Affairs

MAY 5, 2024

The experts highlighted that over the previous 20 months, the APT group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Military

Military Government Phishing Authentication

The History of Malware: A Primer on the Evolution of Cyber Threats

IBM Big Data Hub

NOVEMBER 6, 2023

Ransomware: One of the most dangerous types of malware, ransomware attacks take control of critical computer systems or sensitive data, locking users out and requiring exorbitant ransoms in cryptocurrency like Bitcoin in exchange for regained access. The attack is an early example of social engineering and phishing.

Ransomware

Ransomware Phishing Encryption IoT

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Security Affairs

FEBRUARY 20, 2019

The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. According to a report published by Symantec in October, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America. .”

Military

Military Phishing Government Access

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

The Russian APT group tracked as APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and operates under the Russian military agency GRU and continues to target US politicians. ” continues Microsoft. Microsoft blamed the Russian APT28 group for the attacks.

Military

Military Education Phishing Authentication

Information Management Today

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Trending Sources

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

FBI and NSA joint report details APT28’s Linux malware Drovorub

Microsoft disrupted APT28 attacks on Ukraine through a court order

Russian APT groups target European governments ahead of May Elections

NATO and the EU formally condemned Russia-linked APT28 cyber espionage

The History of Malware: A Primer on the Evolution of Cyber Threats

Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Microsoft says Russian hackers continue targeting 2018 midterm elections

Stay Connected