2007, Accountability, Information Security and Phishing

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

Accountability

Accountability Government Phishing Authentication

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Government

Government Phishing Accountability Hacking

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. It is unclear why APT28 is using compromised email accounts of (mostly) defense companies in the Middle East.

Phishing

Phishing Accountability Advertising DNS

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . .” ” Huntley added. “At

Phishing

Phishing Government Hacking Accountability

NATO and the EU formally condemned Russia-linked APT28 cyber espionage

Security Affairs

MAY 5, 2024

. “The Federal Government’s national attribution procedure regarding this campaign has concluded that, for a relatively long period, the cyber actor APT28 used a critical vulnerability in Microsoft Outlook that remained unidentified at the time to compromise numerous email accounts.”

Government

Government Accountability Cyber Attacks Telecommunications

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. The attack took place in October 2022, threat actors sent phishing emails that contained links to a password-protected file hosted in Drive. ” continues the report.

Media

Media Accountability Government Malware

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Government

Government Telecommunications Accountability Phishing

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The group was involved also in the string of attacks that targeted 2016 Presidential election.

System Administration

System Administration Government Phishing Malware

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. According to the Google Threat Horizons report, the state-sponsored hackers sent fake job offers to employees at the security companies. . ” reads the Google Threat Horizons report.

Malware

Malware Phishing Antivirus Hacking

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

The attack chain starts with COVID19-themed spear-phishing messages that contain either a malicious Word attachment or a link to one hosted on company servers. . Next, the attackers logged in to the web interface using a privileged root account. ” reads the report published by the experts.

Malware

Malware Cryptocurrency Password Management Encryption

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Malware

Malware Firmware Government Education

The Life and Death of Passwords: Improving Security With Passwords and People

Duo's Security Blog

MARCH 28, 2023

Humans are not the weakest link in information security. They’re the least invested in for security. Most of the attackers that you’ve seen usually start nowadays with a phishing attack. I’ve fallen for a phish. We need to get past this point where we think, “Oh, no one should ever fall for a phish.”

Passwords

Passwords Social Engineering Phishing Technology

Is APT27 Abusing COVID-19 To Attack People ?!

Security Affairs

MARCH 19, 2020

Today, many reports are describing how infamous attackers are abusing such an emergency time to lure people by sending thematic email campaigns or by using thematic IM within Malware or Phishing links. It hijacks method on an old office 2007 component (Office Data Provider for – MSOSTYLE.exe). Stage 4 is decoded and run by Stage 3.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Cyber Attacks

Cyber Security Informer

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Webinars

Trending Sources

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Webinars

Google warns of APT28 attack attempts against 14,000 Gmail users

NATO and the EU formally condemned Russia-linked APT28 cyber espionage

China-linked APT41 group spotted using open-source red teaming tool GC2

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

The Life and Death of Passwords: Improving Security With Passwords and People

Is APT27 Abusing COVID-19 To Attack People ?!

Stay Connected