SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2024-11-22 14:33:54	Hackers breach US firm over Wi-Fi from Russia in \\'Nearest Neighbor Attack\\' (lien direct)	Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack." [...] Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack." [...]		APT 28	★★★★
	2024-05-03 11:47:35	L'OTAN et l'UE condamnent les cyberattaques de la Russie contre l'Allemagne, la Tchéche NATO and EU condemn Russia\\'s cyberattacks against Germany, Czechia (lien direct)	L'OTAN et l'Union européenne, avec des partenaires internationaux, ont officiellement condamné une campagne de cyber-espionnage à long terme contre les pays européens menés par le groupe de menaces russes APT28.[...] NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28. [...]	Threat	APT 28	★★★
	2024-02-27 12:25:08	Les pirates russes détournent les routeurs Ubiquiti pour lancer des attaques furtives Russian hackers hijack Ubiquiti routers to launch stealthy attacks (lien direct)	Les pirates militaires russes de l'APT28 utilisent des Ubiquiti Edgerouters compromis pour échapper à la détection, a déclaré le FBI dans un avis conjoint délivré avec la NSA, le cyber commandement américain et les partenaires internationaux.[...] Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners. [...]		APT 28	★★
	2023-11-19 11:14:25	Les pirates russes utilisent la fonctionnalité Ngrok et l'exploit Winrar pour attaquer les ambassades Russian hackers use Ngrok feature and WinRAR exploit to attack embassies (lien direct)	Après Sandworm et APT28 (connu sous le nom de Fancy Bear), un autre groupe de pirates russes parrainé par l'État, APT29, tire parti de la vulnérabilité CVE-2023-38831 dans Winrar pour les cyberattaques.[...] After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. [...]	Vulnerability Threat	APT 29 APT 28	★★★
	2023-06-20 09:00:00	Les pirates russes APT28 violer les serveurs de courriels gouvernementaux ukrainiens Russian APT28 hackers breach Ukrainian govt email servers (lien direct)	Un groupe de menaces suivi comme APT28 et lié à la principale Direction du renseignement (GRU) de l'état-major de Russie a violé des serveurs de courriels ronds appartenant à plusieurs organisations ukrainiennes, y compris des entités gouvernementales.[...] A threat group tracked as APT28 and linked to Russia\'s General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities. [...]	Threat	APT 28	★★
	2023-04-18 17:42:45	US, Royaume-Uni avertissant des pirates de gouvernement utilisant des logiciels malveillants personnalisés sur les routeurs Cisco US, UK warn of govt hackers using custom malware on Cisco routers (lien direct)	Les États-Unis, le Royaume-Uni et Cisco avertissent les pirates de pirates APT28 parrainés par l'État russe déploiement d'un logiciel malveillant personnalisé nommé \\ 'Jaguar Tooth \' sur les routeurs Cisco IOS, permettant un accès non authentifié à l'appareil.[...] The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named \'Jaguar Tooth\' on Cisco IOS routers, allowing unauthenticated access to the device. [...]	Malware	APT 28	★★
	2021-11-10 12:08:04	Lazarus hackers target researchers with trojanized IDA Pro (lien direct)	A North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a trojanized pirated version of the popular IDA Pro reverse engineering application. [...]	Hack	APT 38 APT 28
	2021-10-26 13:23:54	North Korean state hackers start targeting the IT supply chain (lien direct)	North Korean-sponsored Lazarus hacking group has switched focus on new targets and was observed by Kaspersky security researchers expanding its supply chain attack capabilities. [...]		APT 38 APT 28
	2021-10-07 19:38:57	Google warns 14,000 Gmail users targeted by Russian hackers (lien direct)	Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. [...]	Threat	APT 28
	2021-06-03 11:19:32	New SkinnyBoy malware used by Russian hackers to breach sensitive orgs (lien direct)	Security researchers have discovered a new piece of malware called SkinnyBoy that was used in spear-phishing campaigns attributed to Russian-speaking hacking group APT28. [...]	Malware	APT 28
	2021-04-08 09:01:17	North Korean hackers use new Vyveva malware to attack freighters (lien direct)	The North Korean-backed Lazarus hacking group used new malware with backdoor capabilities dubbed Vyveva by ESET researchers in targeted attacks against a South African freight logistics company. [...]	Malware	APT 38 APT 28
	2020-12-24 12:00:11	North Korean state hackers breach COVID-19 research entities (lien direct)	North Korean nation-state hackers tracked as the Lazarus Group have recently compromised organizations involved in COVID-19 research and vaccine development. [...]	Medical	APT 38 APT 28
	2020-12-08 12:48:37	Norway: Russian APT28 state hackers likely behind Parliament attack (lien direct)	Russian-backed hacking group APT28 has likely brute-forced multiple Norwegian Parliament (Stortinget) email accounts on August 24, 2020, according to the Norwegian Police Security Service (PST, short for Politiets Sikkerhetstjeneste). [...]		APT 28
	2019-01-16 11:07:00	LoJax Command and Control Domains Still Active (lien direct)	Security researchers have uncovered new details about the infrastructure used by LoJax UEFI rootkit used in attacks from APT28. The analysis revealed two command and control (C2) servers were still active in early 2019. [...]		APT 28
	2018-05-24 06:34:05	FBI Takes Control of APT28\'s VPNFilter Botnet (lien direct)	The US Federal Bureau of Investigation (FBI) has obtained court orders and has taken control of the command and control servers of a massive botnet of over 500,000 devices, known as the VPNFilter botnet. [...]		VPNFilter APT 28
	2018-05-02 06:17:05	APT28 Hackers Caught Hijacking Legitimate LoJack Software (lien direct)	Security researchers have found tainted versions of the legitimate LoJack software that appeared to have been sneakily modified to allow hackers inside companies that use it. [...]		APT 28
	2018-03-01 08:10:05	Infamous Russian Cyber-Espionage Group Hacks German Government (lien direct)	APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year. [...]		APT 28
	2017-10-20 00:30:00	Russian Cyberspies Are Rushing to Exploit Recent Flash 0-Day Before It Goes Cold (lien direct)	A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week. [...]		APT 28	★★★★★
	2017-02-15 07:35:38	Mac Malware Linked to Infamous Russian Cyber-Espionage Group (lien direct)	Russian cyberspies known as APT28 have created a Mac version of their famous XAgent (X-Agent, Sofacy) malware, which already has versions for Windows, iOS, and Android. [...]		APT 28

Last update at: 2025-05-10 16:07:24
See our sources.

To see everything: Our RSS (filtrered)