June 28, 2024 at 05:48AM TeamViewer detected a network compromise by a Russian APT group. The company’s internal IT environment was affected, but there’s no evidence of impact on the product environment or customer data. NCC Group and Health-ISAC reported the APT group’s involvement, recommending a review of remote desktop traffic. TeamViewer promises transparency during … Read more
April 18, 2024 at 04:04PM The FIN7 threat group recently conducted a spear-phishing attack on a major US-based automotive manufacturer, using a malicious URL to install the Anunak backdoor and gain initial access to high-level IT employee accounts. BlackBerry’s threat and research team halted the attack before ransomware deployment. FIN7 has expanded its targets beyond … Read more
February 1, 2024 at 03:56PM A Russian advanced persistent threat (APT) group, believed to be related to Shuckworm, has initiated a targeted PowerShell attack campaign against the Ukrainian military using a newly discovered backdoor, STEADY#URSA. The attackers employ various evasion and obfuscation techniques, and their approach involves distributing malicious payloads through phishing emails and USB … Read more
December 7, 2023 at 04:48PM The US cybersecurity agency, CISA, issued a warning about the Russian ‘Star Blizzard’ APT, which is conducting a spear-phishing operation against sectors including academia, defense, government, NGOs, and think-tanks. Takeaways from Meeting Notes: 1. The US cybersecurity agency has issued an alert regarding a Russian Advanced Persistent Threat (APT) known … Read more