Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2018-04-24 12:56:02 |
Sednit update: Analysis of Zebrocy (direct link) |
Zebrocy heavily used by the Sednit group over the last two years
|
|
APT 28
|
|
 |
2018-03-16 14:40:02 |
Sofacy Targets European Govt as U.S. Accuses Russia of Hacking (direct link) |
Just as the U.S. had been preparing to accuse Russia of launching cyberattacks against its energy and other critical infrastructure sectors, the notorious Russia-linked threat group known as Sofacy was spotted targeting a government agency in Europe.
The United States on Thursday announced sanctions against Russian spy agencies and more than a dozen individuals for trying to influence the 2016 presidential election and launching cyberattacks, including the destructive NotPetya campaign and operations targeting energy firms.
The Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert via US-CERT last year to warn about attacks launched by a group known as Dragonfly, Crouching Yeti and Energetic Bear on critical infrastructure. Researchers previously linked Dragonfly to the Russian government and now the DHS has officially stated the same.
US-CERT has updated its alert with some additional information. The new version of the alert replaces “APT actors” with “Russian government cyber actors.” The DHS said that based on its analysis of malware and indicators of compromise, Dragonfly attacks are ongoing, with threat actors “actively pursuing their ultimate objectives over a long-term campaign.”
This is not the first time the U.S. has imposed sanctions on Russia over its attempt to influence elections. Russia has also been accused by Washington and others of launching the NotPetya attack last year. The Kremlin has always denied the accusations, but President Vladimir Putin did admit at one point that patriotic hackers could be behind the attacks.
If Dragonfly and Sofacy (aka Fancy Bear, APT28, Sednit, Tsar Team and Pawn Storm) are truly operating out of Russia, they don't seem to be discouraged by sanctions and accusations.
On March 12 and March 14, security firm Palo Alto Networks spotted attacks launched by Sofacy against an unnamed European government agency using an updated variant of a known tool.
Sofacy has been using a Flash Player exploit platform dubbed DealersChoice since at least 2016 and it has continued improving it. The latest version has been delivered to a government organization in Europe using a spear phishing email referencing the “Underwat |
|
NotPetya
APT 28
|
|
 |
2018-03-13 15:50:02 |
(Déjà vu) Usual Threats, But More Sophisticated and Faster: Report (direct link) |
Almost Every Type of Cyber Attack is Increasing in Both Volume and Sophistication
Eight new malware samples were recorded every second during the final three months of 2017. The use of fileless attacks, primarily via PowerShell, grew; and there was a surge in cryptocurrency hijacking malware.
These were the primary threats outlined in the latest McAfee Labs Threat Report (PDF) covering Q4 2017.
The growth of cryptomining malware coincided with the surge in Bitcoin value, which peaked at just under $20,000 on Dec. 22. With the cost of dedicated mining hardware at upwards of $5,000 per machine, criminals chose to steal users' CPU time via malware. It demonstrates how criminals always follow the money, and choose the least expensive method of acquiring it with the greatest chance of avoiding detection.
Since December, Bitcoin's value has fallen to $9,000 (at the time of publishing). Criminals' focus on Bitcoin is likewise being modified, with Ethereum and Monero becoming popular. Last week, Microsoft discovered a major campaign focused on stealing Electroneum. "We currently see discussions in underground forums that suggest moving from Bitcoin to Litecoin because the latter is a safer model with less chance of exposure," comments Raj Samani, chief scientist and McAfee fellow with the Advanced Threat Research Team.
The speed with which criminals adapt to their latest market conditions is also seen in the way they maximize their asymmetric advantage. "Adversaries," writes Samani, "have the luxury of access to research done by the technical community, and can download and use open-source tools to support their campaigns, while the defenders' level of insight into cybercriminal activities is considerably more limited, and identifying evolving tactics often must take place after malicious campaigns have begun."
Examples of attackers making use of legitimate research include Fancy Bear (APT28) leveraging a Microsoft Office Dynamic Data Exchange technique in November 2017 that had been made public just a few we |
|
NotPetya
Equifax
APT 28
|
|
 |
2018-03-10 09:38:00 |
Sofacy/Fancy Bear Shifts Toward Military and Diplomatic Targets in the Far East (direct link) |
Kaspersky Lab researchers have observed that the Russian-speaking threat group Sofacy, also known as APT28 or Fancy Bear, is shifting its area of activity toward the Far East, with a marked interest in military and diplomatic targets, in addition to its traditional NATO-related ones. |
|
APT 28
|
|
 |
2018-03-01 11:51:01 |
Germany Blames Russian Black-Hat Hackers for Breach of Federal Agencies (direct link) |
German officials are blaming Russian-linked black-hat hackers for breaching several federal agencies and stealing sensitive information. On 28 February, sources told Deutsche Presse-Agentur (dpa) that the Russian digital espionage group APT28 used malware to target the German government’s secure computer network. The attack is believed to have affected multiple agencies, including the foreign and defense […]
|
|
APT 28
|
|
 |
2018-03-01 08:38:02 |
DPA Report: Russia-linked APT28 group hacked Germany's government network (direct link) |
The German government confirmed that hackers had breached its computer network and implanted malware that went undetected for one year. German news agency DPA reported that Russian hackers belonging to the APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) have breached Germany’s foreign and interior ministries’ online networks. The agency, quoting unnamed security sources, revealed that the […]
|
|
APT 28
|
|
 |
2018-03-01 08:10:05 |
Infamous Russian Cyber-Espionage Group Hacks German Government (direct link) |
APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year. [...] |
|
APT 28
|
|
 |
2018-02-23 13:51:02 |
What Is "Macro-less" Malware and Why Does It Sound Familiar? (direct link) |
Last year, hackers linked to the Russian hacking group APT28 launched an attack like it was 1999, using Microsoft Word-based malware that triggers no security alerts along the way. These types of attacks are called "macro-less malware" because they bypass the security warnings added to Microsoft Office software in response to traditional macro malware such as the Melissa virus at the end of the 20th century. |
|
APT 28
|
|
 |
2018-02-21 20:25:00 |
Russia-linked Sofacy APT group shifts focus from NATO members towards the Middle East and Central Asia (direct link) |
Experts from Kaspersky highlighted a shift in focus of the Sofacy APT group’s interest, from NATO member countries and Ukraine towards the Middle East and Central Asia. The Russia-linked APT28 group (aka Pawn Storm, Fancy Bear, Sofacy, Sednit, Tsar Team and Strontium) made the headlines again; this time security experts from Kaspersky highlighted a shift in focus of their interest, from NATO member […]
|
|
APT 28
|
|
 |
2018-02-20 18:41:02 |
Russian Cyberspies Shift Focus From NATO Countries to Asia (direct link) |
The Russia-linked cyber espionage group known as Sofacy, APT28, Fancy Bear, Pawn Storm, Sednit and Strontium has shifted its focus from NATO member countries and Ukraine to Central Asia and even further east, Kaspersky Lab reported on Tuesday.
|
|
APT 28
|
|
 |
2018-02-02 09:55:56 |
Which is the most dangerous global hacking cyber group? – AlienVault research (direct link) |
AlienVault researchers have listed Sofacy, also known as Fancy Bear or APT28, as the most capable hacking group in the world. This was based on ranking the top threat actors which have been reported the most frequently on the AlienVault Open Threat Exchange (OTX) Platform. The results were then formulated to measure the cyber ...
|
|
APT 28
|
|
 |
2018-01-30 13:40:00 |
OTX Trends Part 3 - Threat Actors (direct link) |
By Javvad Malik and Chris Doman
This is the third of a three part series on trends identified by AlienVault in 2017.
Part 1 focused on exploits and part 2 addressed malware. This part will discuss threat actors and patterns we have detected with OTX.
Which threat actors should I be most concerned about?
Which threat actors your organization should be most concerned about will vary greatly. A flower shop will have a very different threat profile from a defense contractor. Therefore, we’ve limited ourselves below to some very high-level trends of particular threat actors, many of which may not be relevant to your organisation.
Which threat actors are most active?
The following graph describes the number of vendor reports for each threat actor over the past two years by quarter:
For clarity, we have limited the graph to the five threat actors reported on most in OTX. This is useful as a very rough indication of which actors are particularly busy.
Caveats
There are a number of caveats to consider here. One news-worthy event against a single target may be reported in multiple vendor reports, whereas a campaign against thousands of targets may be represented by only one report.
Vendors are also more inclined to report on something that is “commercially interesting”. For example, activity targeting banks in the United States is more likely to be reported than attacks targeting the Uyghur population in China. It’s also likely we missed some reports, particularly in the earlier days of OTX, which may explain some of the increase in reports between 2016 and 2017.
The global targeted threat landscape
There are a number of suggested methods to classify the capability of different threat actors. Each has its problems, however. For example, if a threat actor never deploys 0-day exploits, do they lack the resources to develop them, or are they mature enough to avoid wasting resources unnecessarily?
Below we have plotted out a graph of the threat actors most reported on in the last two years. We have excluded threat actors whose motivation is thought to be criminal, as that wouldn’t be an apples to apples comparison.
Both the measure of their activity (the number of vendor reports) and the measure of their capability (a rough rule of thumb) are not scientific, but can provide some rough insights:
A rough chart of the activity and capability of notable threat actors in the last year
Perhaps most notable here is which threat actors are not listed here. Some, such as APT1 and Equation Group, seem to have disappeared under their existing formation following from very public reporting. It seems unlikely groups which likely employ thousands of people such as those have disappeared completely. The lack of such reporting is more likely a result of significantly changed tactics and identification following their outing. Others remain visibly active, but not enough to make our chart of “worst offenders”.
A review of the most reported on threat actors
The threat actor referenced i |
|
APT 38
APT 28
APT 10
APT 3
APT 1
APT 34
|
|
 |
2018-01-12 13:00:23 |
Update on Pawn Storm: New Targets and Politically Motivated Campaigns (direct link) |
The active espionage actor group Pawn Storm didn't shy away from continuing their brazen attacks in the second half of 2017. Pawn Storm's attacks usually are not isolated incidents. We can often relate them to earlier attacks by carefully looking at the technical indicators and motives.
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
|
|
APT 28
|
|
 |
2017-12-23 13:48:25 |
Russian Fancy Bear APT Group improves its weapons in ongoing campaigns (direct link) |
Fancy Bear APT group refactored its backdoor and improved encryption to make it stealthier and harder to stop. The operations conducted by Russian Fancy Bear APT group (aka Sednit, APT28, Sofacy, Pawn Storm, and Strontium) are even more sophisticated and hard to detect due to. According to a new report published by experts from security firm ESET, the […]
|
|
APT 28
|
|
 |
2017-12-21 16:20:00 |
Russia's Fancy Bear APT Group Gets More Dangerous (direct link) |
Encryption and code refreshes to group's main attack tool have made it stealthier and harder to stop, ESET says. |
|
APT 28
|
|
 |
2017-12-21 13:58:28 |
Sednit update: How Fancy Bear Spent the Year (direct link) |
Over the past few years the Sednit group has used various techniques to deploy their various components on target computers. The attack usually starts with an email containing either a malicious link or malicious attachment.
|
|
APT 28
|
|
 |
2017-11-15 10:00:45 |
November's Patch Tuesday Includes Defense in Depth Update for Attacks Abusing Dynamic Data Exchange (direct link) |
Microsoft rolled out fixes for over 50 security issues in this month's Patch Tuesday. The updates cover vulnerabilities and bugs in the Windows operating system, Internet Explorer (IE), Edge, ASP.NET Core, Chakra Core browsing engine, and Microsoft Office. Microsoft also released a security advisory providing defense-in-depth mitigations against attacks abusing the Dynamic Data Exchange (DDE) protocol in light of recent attacks misusing this feature.
Abusing DDE isn't new, but the method has made a resurgence with reports of cyberespionage and cybercriminal groups such as Pawn Storm, Keyboy, and FIN7 leveraging it to deliver their payloads.
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
|
|
APT 28
APT 23
|
|
 |
2017-11-14 19:30:02 |
Fancy Bears Use Microsoft Vulnerability To Play On US Terrorism Fears (direct link) |
The ISBuzz Post: This Post Fancy Bears Use Microsoft Vulnerability To Play On US Terrorism Fears |
|
APT 28
|
|
 |
2017-11-10 11:43:05 |
Fancy Bear found distributing malware again (direct link) |
The Russian-linked hacking group Fancy Bear has been discovered delivering malware to targeted users by leveraging a recently disclosed technique that involves the Microsoft Windows feature Dynamic Data Exchange. ORIGINAL SOURCE: Security Week
|
|
APT 28
|
|
 |
2017-11-09 06:54:05 |
Russia-Linked APT28 group observed using DDE attack to deliver malware (direct link) |
Security experts at McAfee observed the Russian APT28 group using the recently reported DDE attack technique to deliver malware in an espionage campaign. Security experts at McAfee observed the Russian APT group APT28 using the recently reported DDE technique to deliver malware in targeted attacks. The cyber spies were conducting a cyber espionage campaign that involved blank documents […]
|
|
APT 28
|
|
 |
2017-11-09 01:14:31 |
Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit (direct link) |
Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider a security issue and has already declined to patch.
Last month, we reported how hackers could leverage a built-in feature of Microsoft Office, called Dynamic Data Exchange (DDE), to perform code execution on the
 |
|
APT 28
|
|
 |
2017-11-08 08:41:21 |
Russia-Linked Spies Deliver Malware via DDE Attack (direct link) |
The Russia-linked cyber espionage group tracked as APT28 and Fancy Bear has started delivering malware to targeted users by leveraging a recently disclosed technique involving Microsoft Office documents and a Windows feature called Dynamic Data Exchange (DDE).
|
|
APT 28
|
|
 |
2017-11-07 18:00:00 |
Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack (direct link) |
This blog post was co-written by Michael Rea. During our monitoring of activities around the APT28 threat group, McAfee Advanced Threat Research analysts identified a malicious Word document that appears to leverage the Microsoft Office Dynamic Data Exchange (DDE) technique that has been previously reported by Advanced Threat Research. This document likely marks the first …
|
|
APT 28
|
★★★★
|
 |
2017-11-05 16:59:02 |
Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack (direct link) |
In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen... |
|
APT 28
|
|
 |
2017-11-03 08:52:21 |
Russian 'Fancy Bear' Hackers Abuse Blogspot for Phishing (direct link) |
The cyber espionage group known as Fancy Bear, which is widely believed to be backed by the Russian government, has been abusing Google's Blogspot service in recent phishing attacks.
|
|
APT 28
|
|
 |
2017-11-02 21:51:07 |
AP: Russia hackers had targets worldwide, beyond US election (direct link) |
The Associated Press is reporting on a trove of data accidentally leaked by the Russian-backed advanced persistent threat (APT) group known as Fancy Bear that suggests the group conducted a years-long campaign against targets in the US, Ukraine, Russia, Georgia and Syria. The documents, which were discovered by the security firm Secureworks,... |
|
APT 28
|
|
 |
2017-10-29 09:28:35 |
Security Affairs newsletter Round 134 – News of the week (direct link) |
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! · A leaked document raises a doubt about NSA knew the #Krack attack since 2010 · APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches · DHS […]
|
|
APT 28
|
|
 |
2017-10-26 15:16:29 |
Fancy Bear Hackers Race To Exploit Flash Bug Against The US And Europe (direct link) |
The ISBuzz Post: This Post Fancy Bear Hackers Race To Exploit Flash Bug Against The US And Europe |
|
APT 28
|
|
 |
2017-10-24 06:32:53 |
Latest Russia-linked APT28 campaign targeting security experts (direct link) |
Russian cyber espionage group APT28 targeted individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Researchers with Cisco Talos have spotted a Russian cyber espionage group targeting individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Experts attributed the attack to the dreaded Russian APT28 group, aka Pawn Storm, Fancy Bear, Sofacy, Group 74, Sednit, […]
|
|
APT 28
|
|
 |
2017-10-22 11:29:08 |
APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches (direct link) |
The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed attacks on organizations […]
|
|
APT 28
|
|
 |
2017-10-20 11:06:44 |
Russian Hackers Exploit Recently Patched Flash Vulnerability (direct link) |
The Russia-linked cyber espionage group known as APT28 has been using a recently patched Adobe Flash Player vulnerability in attacks aimed at government organizations and aerospace companies, security firm Proofpoint reported on Thursday.
|
|
APT 28
|
|
 |
2017-10-20 10:04:46 |
Fancy Bear Hackers rush to Exploit Flash bug (direct link) |
Russian hacking group Fancy Bear is rushing to exploit the recently disclosed Adobe Flash bug before patches are widely used. ORIGINAL SOURCE: IBTimes
|
|
APT 28
|
|
 |
2017-10-20 00:30:00 |
Russian Cyberspies Are Rushing to Exploit Recent Flash 0-Day Before It Goes Cold (direct link) |
A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week. [...] |
|
APT 28
|
★★★★★
|
 |
2017-10-05 04:55:20 |
CSE CybSec ZLAB Malware Analysis Report: APT28 Hospitality malware (direct link) |
The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks last July against travelers staying in hotels in Europe and Middle […]
|
|
APT 28
|
|
 |
2017-09-12 09:21:47 |
FA to beef up cybersecurity if England qualify for Russia World Cup (direct link) |
The FA will strengthen its cybersecurity before the 2018 World Cup amid fears about Russian hackers Fancy Bears and concern that tactical and team selection information could be leaked before games. England are top of Group F and on course to qualify automatically for the tournament which begins on 14 June. The FA is still assessing training ...
|
|
APT 28
|
|
 |
2017-08-29 11:07:06 |
According to FireEye, the APT28 Group Is Targeting the Hospitality Sector (direct link) |
According to FireEye, the APT28 group is targeting the hospitality sector, which poses a threat to travelers. |
|
APT 28
|
|
 |
2017-08-25 12:59:44 |
Fancy Bear: Data Leak on Doping in Football! (direct link) |
Health data hacked! This Tuesday, August 22, a group of hackers published...
This article, Fancy Bear: Data Leak on Doping in Football!, is published by Data Security Breach.
|
|
APT 28
|
|
 |
2017-08-24 08:00:14 |
Fancy Bears Leak Names Of Footballers Using Banned Medicines During World Cup In 2010 (direct link) |
The ISBuzz Post: This Post Fancy Bears Leak Names Of Footballers Using Banned Medicines During World Cup In 2010 |
|
APT 28
|
|
 |
2017-08-23 04:30:44 |
Russian hackers expose allegedly doping footballers (direct link) |
Russian hacking group Fancy Bear has exposed 150 footballers worldwide for allegedly taking banned substances, underlining the importance of protecting personal data |
|
APT 28
|
|
 |
2017-08-15 16:22:58 |
Fancy Bear bites hotel networks as EternalBlue mystery deepens (direct link) |
The attack, presumably to spy on high-value hotel guests, is textbook Fancy Bear, say researchers |
|
APT 28
|
|
 |
2017-08-12 12:00:32 |
APT28 Using EternalBlue to Attack Hotels in Europe, Middle East (direct link) |
Researchers believe attacks against wi-fi systems in hotels across Europe and the Middle East track back to Russian-speaking hackers known as APT28. |
|
APT 28
|
|
 |
2017-08-11 08:00:00 |
APT28 Targets Hospitality Sector, Presents Threat to Travelers (direct link) |
FireEye has moderate confidence that a campaign targeting the hospitality sector is attributed to Russian actor APT28. We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East. The actor has used several notable techniques in these incidents such as sniffing passwords from Wi-Fi traffic, poisoning the NetBIOS Name Service, and spreading laterally via the EternalBlue exploit.
APT28 Uses Malicious Document to Target Hospitality Industry
FireEye has uncovered a malicious document sent in spear |
Threat
|
Wannacry
APT 28
APT 28
|
★★★★
|
 |
2017-07-25 12:40:52 |
Microsoft Has Launched a Real Guerrilla War Against the APT28 Hackers (direct link) |
The software vendor has literally filed a lawsuit against the Russian hacking group, which allows it to seize part of the group's technical infrastructure. |
|
APT 28
|
★★★
|
 |
2017-07-25 11:45:09 |
Tech Firms Target Domains Used by Russia-linked Threat Group (direct link) |
Tech companies ThreatConnect and Microsoft are moving toward exposing and taking down domains associated with the Russia-linked threat group known as Fancy Bear.
|
|
APT 28
|
|
 |
2017-07-24 16:11:50 |
Microsoft opens up a new front in the battle against Fancy Bear (direct link) |
Microsoft's lawyers have gone after the hacking group's web domains - with some success |
|
APT 28
|
|
 |
2017-07-21 18:55:14 |
Microsoft's secret weapon in ongoing struggle against Fancy Bear? Trademark law (direct link) |
"Redirecting…Strontium domains will directly disrupt current Strontium infrastructure." |
|
APT 28
|
|
 |
2017-07-21 01:53:45 |
How Microsoft Cleverly Cracks Down On "Fancy Bear" Hacking Group (direct link) |
What could be the best way to take over and disrupt cyber espionage campaigns?
Hacking them back?
Probably not. At least not when it's Microsoft, who is continuously trying to protect its users from hackers, cyber criminals and state-sponsored groups.
It has now been revealed that Microsoft has taken a different approach to disrupt a large number of cyber espionage campaigns conducted by "
 |
|
APT 28
|
|
 |
2017-06-07 07:15:33 |
According to FireEye, the Russian Group APT28 Is Behind Cyberattacks Against the Government of Montenegro (direct link) |
Because of its accession to NATO, Montenegro will probably be the target of further similar attacks. According to FireEye, the Russian group APT28 is believed to be involved... |
|
APT 28
|
|
 |
2017-06-02 15:33:37 |
Bodies Held to Ransom – Tsar Team Hack (direct link) |
This week saw thousands of private photos leaked online, following the hack of a Lithuanian cosmetic surgery clinic. The cybercriminals, who have dubbed themselves the 'Tsar Team', have leaked images they claim come directly from the Grozio Chirurgija clinic services. This follows the group holding the images, many of which were sensitive in nature, to ...
|
|
APT 28
|
|
 |
2017-05-25 22:52:31 |
Report: Major Upgrade, Investments Needed to Secure Connected Vehicles, Infrastructure (direct link) |
In-brief: a report by the Cloud Security Alliance calls for a bottom up remake of infrastructure to support connected vehicles and warns of more, serious attacks as connected vehicles begin interacting with each other and with connected – but insecure – infrastructure. The ecosystem of connected vehicles is in full expansion, but car...
|
|
APT 28
|
|