Source |
Volexity |
Identifier |
8615982 |
Publication date |
2024-11-22 11:55:27 (viewed: 2024-11-22 12:09:41) |
Title |
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access |
Text |
KEY TAKEAWAYS: Russian APT GruesomeLarch deployed a new attack technique leveraging Wi-Fi networks in close proximity to the intended target. The threat actor primarily leveraged living-off-the-land techniques. A zero-day privilege escalation was used to further gain access. Ukrainian-related work and projects were targeted in this attack, just ahead of Russian Invasion of Ukraine. In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever worked. The investigation began when an alert from a custom detection signature Volexity had deployed at a customer site (“Organization A”) indicated a threat actor had compromised a server on the customer's network. While Volexity quickly investigated the threat activity, more questions were raised than answers due to a very motivated and skilled advanced persistent threat (APT) actor, who was using a novel attack vector Volexity […]
|
Notes |
★★
|
Sent |
Yes |
Digest |
2022 >key access activity actor advanced ahead alert answers apt attack attack: began close complex compromised covert custom customer day deployed detection discovery due early escalation ever fascinating february from further gain gruesomelarch had how incident indicated intended invasion investigated investigation investigations just land led leveraged leveraging living made more most motivated nearby nearest neighbor network networks new notably novel off one persistent primarily privilege projects proximity questions quickly raised related russian server signature site skilled takeaways target targeted technique techniques than the russian threat ukraine ukrainian used using vector very volexity weaponized when who work worked zero “organization |
Tags |
Vulnerability
Threat
|
Stories |
|