November 25, 2024 at 01:29PM Russian APT group Fancy Bear employed a novel “Nearest Neighbor” cyber-espionage technique during the Russia-Ukraine war, infiltrating a US organization by compromising nearby Wi-Fi networks. This remote attack underscores the security risks of proximity and emphasizes the need for stronger defenses against Wi-Fi vulnerabilities and enhanced monitoring practices. ### Meeting … Read more
May 7, 2024 at 07:09AM Germany recalled its ambassador to Russia for a week of consultations following an alleged hacker attack on Chancellor Olaf Scholz’s party. The government expressed serious concern over the incident and accused Russian military agents of cyberespionage, leading to diplomatic tensions between Germany and Russia. Other European countries also condemned the … Read more
May 5, 2024 at 10:39PM German officials have attributed a spate of cyberattacks on government agencies and private industry to APT28, a Russian threat actor linked to the GRU intelligence service. The attacks were reportedly in response to Germany’s decision to send tanks to Ukraine. The US has joined Germany in condemning the attacks and … Read more
May 4, 2024 at 07:57AM German officials accused Russian military agents of hacking Chancellor Olaf Scholz’s party and other sensitive targets, with NATO and European countries joining in condemning Russia’s cyberespionage actions. The hacking, attributed to Russian military cyber operators, targeted emails and institutions over several months. International efforts shut down the botnet used by … Read more
April 23, 2024 at 09:27AM A Russian APT group, Fancy Bear, has been using a tool called GooseEgg to exploit a vulnerability in the Windows Print Spooler service, enabling privileges elevation and credential theft in intelligence-gathering attacks globally. The group’s history includes targeting Microsoft product vulnerabilities for cyber-espionage, with significant recent activity in attacks against … Read more
February 28, 2024 at 07:45AM The US government has urged organizations and consumers to clean up their Ubiquiti routers following the dismantling of a botnet utilized by a Russian cyberespionage group known as APT28. The group, also called Fancy Bear, had been using compromised routers for covert operations since 2022, targeting various organizations worldwide. The … Read more
February 27, 2024 at 12:27PM Russian military hackers, tracked as APT28 and Fancy Bear, are using compromised Ubiquiti EdgeRouters to build botnets for cyber espionage. They target militaries, governments, and organizations worldwide by stealing credentials, hosting malicious tools, and phishing landing pages. The FBI advises performing a factory reset, upgrading firmware, changing credentials, and implementing … Read more
February 17, 2024 at 07:59AM The FBI dismantled a botnet of SOHO routers used by Russia’s GRU for cyber espionage. This network, controlled by GRU Military Unit 26165, targeted US and foreign governments, military entities, and organizations. The FBI remotely accessed the routers through “Operation Dying Ember” to delete stolen data, disable Moobot malware, and … Read more
February 15, 2024 at 04:19PM The US government recently thwarted a botnet utilized by Russia’s GRU military intelligence unit for cyber espionage. Over a thousand compromised routers were neutralized, hindering the use of Moobot malware for data theft and network attacks. The FBI and Justice Department played pivotal roles in dismantling the cyber tools, aiming … Read more
December 28, 2023 at 12:46PM Ukraine’s CERT warns of a new phishing campaign by APT28, a Russian hacker group known for targeting government and Western entities. The attack, occurring between December 15 and 25, 2023, deploys a new Python malware downloader, ‘MASEPIE,’ via phishing emails. APT28 also uses various tools for data theft and network … Read more