What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-07 14:08:00 | APT28 group return to covert intelligence gathering ops in Europe and South America. (lien direct) | Experts from Symantec collected evidence that APT28 group returns to covert intelligence gathering operations in Europe and South America. APT28 state-sponsored group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) seems to have shifted the focus for its operations away from election interference to cyber espionage activities. The APT28 group has been active since at least 2007 and it has targeted governments, […] | APT 28 | ||
 |
2018-10-06 09:00:02 | UK Accuses GRU Of Cyberattacks (lien direct) | Yesterday the UK and several other nations released statements regarding the recent cyber-attacks and linking them to a foreign military unit, saying they are operating under different names including Sednit. Please find a comment from ESET Researcher Alexis Dorais-Joncas, who has been tracking and researching the Sednit group. Alexis Dorais-Joncas, Researcher at ESET: “Today, several … The ISBuzz Post: This Post UK Accuses GRU Of Cyberattacks | APT 28 | ||
 |
2018-10-05 05:25:00 | Russia\'s elite hacking unit has been silent, but busy (lien direct) | While APT28 was making fun of the DNC through Western media, Turla APT remained active and hacking in the shadows. | APT 28 | ||
|
2018-10-04 13:00:01 | Russian Fancy Bear APT linked to Earworm hacking group (lien direct) | The hacking rings may be separate but it seems they share a system or two in order to launch their attacks. | APT 28 | ||
 |
2018-09-27 10:40:03 | Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild (lien direct) | Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe.
Dubbed LoJax, the UEFI rootkit is part of a malware campaign conducted by the infamous Sednit group, also known as APT28, Fancy Bear, Strontium, and
|
Malware | APT 28 | ★★★★★ |
|
2018-09-27 10:03:00 | Fancy Bear LoJax campaign reveals first documented use of UEFI rootkit in the wild (lien direct) | The exploit can be used to patch and tamper with firmware in targeted attacks. | APT 28 | ||
 |
2018-09-27 09:57:03 | LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group (lien direct) | >ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe | Malware | APT 28 | |
|
2018-09-27 03:30:00 | VPNFilter Router Malware Adds 7 New Network Exploitation Modules (lien direct) | Security researchers have discovered even more dangerous capabilities in VPNFilter-the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier.
Attributed to Russia's APT 28, also known as 'Fancy Bear,' VPNFilter is a malware platform designed to infect routers and network-attached storage
|
Malware | VPNFilter APT 28 | ★★★★★ |
|
2018-08-21 01:29:01 | Microsoft Detects More Russian Cyber Attacks Ahead of Mid-Term Election (lien direct) | Microsoft claims to have uncovered another new Russian hacking attempts targeting United States' Senate and conservative think tanks ahead of the 2018 midterm elections.
The tech giant said Tuesday that the APT28 hacking group-also known as Strontium, Fancy Bear, Sofacy, Sednit, and Pawn Storm, which is believed to be tied to the Russian government-created at least six fake websites related
|
APT 28 | ||
 |
2018-08-01 13:00:00 | Off-the-shelf RATs Targeting Pakistan (lien direct) |
Introduction
We’ve identified a number of spear phishing campaigns with Pakistani themed documents, likely targeting the region. These spear phishing emails use a mix of different openly available malware and document exploits for delivery. These are served from the compromised domains www.serrurier-secours[.]be and careers.fwo.com[.]pk (a part of the Pakistani army). There are some clear trends in the themes of the decoy documents the attackers chose to include with file names such as:
China-Pakistan-Internet-Security-LAW_2017.doc
Strategic Thinking on Ensuring Ideological.docx
Fazaia_Housing_Scheme_Notice_Inviting_Tenders.doc
PAFs first multinational air exercise ACES Meet 2017 concludes in Pakistan.doc
IDUF-01.doc
Pakistan Air Force Jet Crashes During Routine Operation
Sales_Tax.doc
Hajj Policy and Plan 2017.doc
|
APT 28 | ||
 |
2018-07-30 17:17:05 | How To Locate Domains Spoofing Campaigns (Using Google Dorks) #Midterms2018 (lien direct) | The government accounts of US Senator Claire McCaskill (and her staff) were targeted in 2017 by APT28 A.K.A. “Fancy Bear” according to an article published by The Daily Beast on July 26th. Senator McCaskill has since confirmed the details. And many of the subsequent (non-technical) articles that have been published has focused almost exclusively on […] | APT 28 | ||
|
2018-07-28 10:38:05 | Russian APT28 espionage group targets democratic Senator Claire McCaskill (lien direct) | The Russia-linked APT28 group targets Senator Claire McCaskill and her staff as they gear up for her 2018 re-election campaign. The Russian APT group tracked as Fancy Bear (aka APT28, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM), that operated under the Russian military agency GRU, continues to target US politicians. This time the target is Senator Claire McCaskill and her staff as […] | APT 28 | ||
|
2018-06-07 19:51:02 | Russia-linked Sofacy APT group adopts new tactics and tools in last campaign (lien direct) | Sofacy APT group (APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) continues to operate and thanks to rapid and continuously changes of tactics the hackers are able to remain under the radar. According to experts from Palo Alto Networks, the hackers also used new tools in recent attacks, recently the APT group has shifted focus in their interest, from NATO member […] | APT 28 | ||
 |
2018-05-24 06:34:05 | FBI Takes Control of APT28\'s VPNFilter Botnet (lien direct) | The US Federal Bureau of Investigation (FBI) has obtained court orders and has taken control of the command and control servers of a massive botnet of over 500,000 devices, known as the VPNFilter botnet. [...] | VPNFilter APT 28 | ||
 |
2018-05-03 13:56:02 | Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin (lien direct) | LoJack for Laptops, a software tool designed to rat on computer thieves, appears to be serving a double purpose – by seemingly working with a Russian state-sponsored hacking team. The application allows administrators to remotely lock and locate, and remove files from, stolen personal computers. It’s primarily aimed at corporate IT types who want to ... | APT 28 | ||
 |
2018-05-03 13:31:00 | Des versions du logiciel LoJack infiltrées par des pirates (lien direct) | Les pirates du groupe APT28 auraient piégé des version du logiciel LoJack afin d’infiltrer des ordinateurs. Un espionnage quasi invisible ! LoJack Versus LoJack ! En 2014, lors du Black Hat de Las Vegas, les chercheurs Vitaliy Kamlyuk, Sergey Belov, Anibal Sacco avaient présenté une nouvelle f... Cet article Des versions du logiciel LoJack infiltrées par des pirates est apparu en premier sur ZATAZ. | APT 28 | ||
|
2018-05-03 04:27:05 | Fancy Bear abuses LoJack security software in targeted attacks (lien direct) | Recently, several LoJack agents were found to be connecting to servers that are believed to be controlled by the notorious Russia-linked Fancy Bear APT group. LoJack for laptops is a security software designed to catch computer thieves, but it could be theoretically abused to spy on legitimate owners of the device. LoJack could be used to locate […] | APT 28 | ||
|
2018-05-02 06:17:05 | APT28 Hackers Caught Hijacking Legitimate LoJack Software (lien direct) | Security researchers have found tainted versions of the legitimate LoJack software that appeared to have been sneakily modified to allow hackers inside companies that use it. [...] | APT 28 | ||
|
2018-04-24 12:56:02 | Sednit update: Analysis of Zebrocy (lien direct) | Zebrocy heavily used by the Sednit group over last two years | APT 28 | ||
 |
2018-03-16 14:40:02 | Sofacy Targets European Govt as U.S. Accuses Russia of Hacking (lien direct) | Just as the U.S. had been preparing to accuse Russia of launching cyberattacks against its energy and other critical infrastructure sectors, the notorious Russia-linked threat group known as Sofacy was spotted targeting a government agency in Europe. The United States on Thursday announced sanctions against Russian spy agencies and more than a dozen individuals for trying to influence the 2016 presidential election and launching cyberattacks, including the destructive NotPetya campaign and operations targeting energy firms. The Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert via US-CERT last year to warn about attacks launched by a group known as Dragonfly, Crouching Yeti and Energetic Bear on critical infrastructure. Researchers previously linked Dragonfly to the Russian government and now the DHS has officially stated the same. US-CERT has updated its alert with some additional information. The new version of the alert replaces “APT actors” with “Russian government cyber actors.” The DHS said that based on its analysis of malware and indicators of compromise, Dragonfly attacks are ongoing, with threat actors “actively pursuing their ultimate objectives over a long-term campaign.” This is not the first time the U.S. has imposed sanctions on Russia over its attempt to influence elections. Russia has also been accused by Washington and others of launching the NotPetya attack last year. The Kremlin has always denied the accusations, but President Vladimir Putin did admit at one point that patriotic hackers could be behind the attacks. If Dragonfly and Sofacy (aka Fancy Bear, APT28, Sednit, Tsar Team and Pawn Storm) are truly operating out of Russia, they don't seem to be discouraged by sanctions and accusations. On March 12 and March 14, security firm Palo Alto Networks spotted attacks launched by Sofacy against an unnamed European government agency using an updated variant of a known tool. Sofacy has been using a Flash Player exploit platform dubbed DealersChoice since at least 2016 and it has continued improving it. The latest version has been delivered to a government organization in Europe using a spear phishing email referencing the “Underwat | NotPetya APT 28 | ||
|
2018-03-13 15:50:02 | (Déjà vu) Usual Threats, But More Sophisticated and Faster: Report (lien direct) | Almost Every Type of Cyber Attack is Increasing in Both Volume and Sophistication Eight new malware samples were recorded every second during the final three months of 2017. The use of fileless attacks, primarily via PowerShell, grew; and there was a surge in cryptocurrency hijacking malware. These were the primary threats outlined in the latest McAfee Lab's Threat Report (PDF) covering Q4 2017. The growth of cryptomining malware coincided with the surge in Bitcoin value, which peaked at just under $20,000 on Dec. 22. With the cost of dedicated mining hardware at upwards of $5,000 per machine, criminals chose to steal users' CPU time via malware. It demonstrates how criminals always follow the money, and choose the least expensive method of acquiring it with the greatest chance of avoiding detection. Since December, Bitcoin's value has fallen to $9,000 (at the time of publishing). Criminals' focus on Bitcoin is likewise being modified, with Ethereum and Monero becoming popular. Last week, Microsoft discovered a major campaign focused on stealing Electroneum. "We currently see discussions in underground forums that suggest moving from Bitcoin to Litecoin because the latter is a safer model with less chance of exposure," comments Raj Samani, chief scientist and McAfee fellow with the Advanced Threat Research Team. The speed with which criminals adapt to their latest market conditions is also seen in the way they maximize their asymmetric advantage. "Adversaries," writes Samani, "have the luxury of access to research done by the technical community, and can download and use opensource tools to support their campaigns, while the defenders' level of insight into cybercriminal activities is considerably more limited, and identifying evolving tactics often must take place after malicious campaigns have begun." Examples of attackers making use of legitimate research include Fancy Bear (APT28) leveraging a Microsoft Office Dynamic Data Exchange technique in November 2017 that had been made public just a few we | NotPetya Equifax APT 28 | ||
 |
2018-03-10 09:38:00 | Sofacy/Fancy Bear s\'oriente vers des cibles militaires et diplomatiques en Extrême-Orient (lien direct) |  Les chercheurs de Kaspersky Lab ont observé que le groupe malveillant russophone Sofacy, également connu sous le nom de APT28 ou Fancy Bear, déplace son terrain d'action vers l'Extrême-Orient, avec un intérêt marqué pour des cibles militaires et diplomatiques, en plus de celles traditionnellement liées à l'OTAN. |
APT 28 | ||
 |
2018-03-01 11:51:01 | Germany Blames Russian Black-Hat Hackers for Breach of Federal Agencies (lien direct) | German officials are blaming Russian-linked black-hat hackers for breaching several federal agencies and stealing sensitive information. On 28 February, sources told Deutsche Presse-Agentur (dpa) that the Russian digital espionage group APT28 used malware to target the German government’s secure computer network. The attack is believed to have affected multiple agencies, including the foreign and defense […]… Read More | APT 28 | ||
|
2018-03-01 08:38:02 | DPA Report: Russia-linked APT28 group hacked Germany\'s government network (lien direct) | Germany Government confirmed that hackers had breached its computer network and implanted a malware that was undetected for one year. German news agency DPA reported that Russian hackers belonging to the APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) have breached Germany’s foreign and interior ministries’ online networks. The agency, quoting unnamed security sources, revealed that the […] | APT 28 | ||
|
2018-03-01 08:10:05 | Infamous Russian Cyber-Espionage Group Hacks German Government (lien direct) | APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year. [...] | APT 28 | ||
|
2018-02-23 13:51:02 | Qu\'est-ce qu\'un malware " macro-less " et pourquoi cela vous dit-il quelque chose ? (lien direct) |  L'année dernière, des pirates liés au groupe de hackers russe APT28 ont démarré une attaque comme en 1999 avec un malware basé sur Microsoft Word qui ne déclenche aucune alerte de sécurité dans son parcours. Ces types d'attaques sont appelées " macro-less malware " car ils contournent les alertes de sécurité mises en place dans les logiciels Microsoft Office en réponse aux macro malwares traditionnels tels que le virus Melissa à la fin du 20ème siècle. |
APT 28 | ||
|
2018-02-21 20:25:00 | Russia-linked Sofacy APT group shift focus from NATO members to towards the Middle East and Central Asia (lien direct) | Experts from Kaspersky highlighted a shift focus in the Sofacy APT group’s interest, from NATO member countries and Ukraine to towards the Middle East and Central Asia. The Russia-linked APT28 group (aka Pawn Storm, Fancy Bear, Sofacy, Sednit, Tsar Team and Strontium.) made the headlines again, this time security experts from Kaspersky highlighted a shift focus in their interest, from NATO member […] | APT 28 | ||
|
2018-02-20 18:41:02 | Russian Cyberspies Shift Focus From NATO Countries to Asia (lien direct) | The Russia-linked cyber espionage group known as Sofacy, APT28, Fancy Bear, Pawn Storm, Sednit and Strontium has shifted its focus from NATO member countries and Ukraine to Central Asia and even further east, Kaspersky Lab reported on Tuesday. | APT 28 | ||
|
2018-02-02 09:55:56 | Which is most the dangerous global hacking cyber group? – AlienVault research (lien direct) | >AlienVault researchers have listed Sofacy, also known as Fancy Bear or APT28, as the most capable hacking group in the world. This was based on ranking the top threat actors which have been reported the most frequently on the AlienVault Open Threat Exchange (OTX) Platform. The results were then formulated to measure the cyber ... | APT 28 | ||
|
2018-01-30 13:40:00 | OTX Trends Part 3 - Threat Actors (lien direct) |
By Javvad Malik and Chris Doman
This is the third of a three part series on trends identified by AlienVault in 2017.
Part 1 focused on exploits and part 2 addressed malware. This part will discuss threat actors and patterns we have detected with OTX.
Which threat actors should I be most concerned about?
Which threat actors your organization should be most concerned about will vary greatly. A flower shop will have a very different threat profile from a defense contractor. Therefore below we’ve limited ourselves to some very high level trends of particular threat actors below- many of which may not be relevant to your organisation.
Which threat actors are most active?
The following graph describes the number of vendor reports for each threat actor over the past two years by quarter:
For clarity, we have limited the graph to the five threat actors reported on most in OTX. This is useful as a very rough indication of which actors are particularly busy.
Caveats
There are a number of caveats to consider here. One news-worthy event against a single target may be reported in multiple vendor reports. Whereas a campaign against thousands of targets may be only represented by one report.
Vendors are also more inclined to report on something that is “commercially interesting”. For example activity targeting banks in the United States is more likely to be reported than attacks targeting the Uyghur population in China. It’s also likely we missed some reports, particularly in the earlier days of OTX which may explain some of the increase in reports between 2016 and 2017.
The global targeted threat landscape
There are a number of suggested methods to classify the capability of different threat actors. Each have their problems however. For example – if a threat actor never deploys 0-day exploits do they lack the resources to develop them, or are they mature enough to avoid wasting resources unnecessarily?
Below we have plotted out a graph of the threat actors most reported on in the last two years. We have excluded threat actors whose motivation is thought to be criminal, as that wouldn’t be an apples to apples comparison.
Both the measure of their activity (the number of vendor reports) and the measure of their capability (a rough rule of thumb) are not scientific, but can provide some rough insights:
A rough chart of the activity and capability of notable threat actors in the last year
Perhaps most notable here is which threat actors are not listed here. Some, such as APT1 and Equation Group, seem to have disappeared under their existing formation following from very public reporting. It seems unlikely groups which likely employ thousands of people such as those have disappeared completely. The lack of such reporting is more likely a result of significantly changed tactics and identification following their outing. Others remain visibly active, but not enough to make our chart of “worst offenders”.
A review of the most reported on threat actors
The threat actor referenced i |
APT 38 APT 28 APT 10 APT 3 APT 1 APT 34 | ||
 |
2018-01-12 13:00:23 | Update on Pawn Storm: New Targets and Politically Motivated Campaigns (lien direct) | The active espionage actor group Pawn Storm didn't shy away from continuing their brazen attacks in the second half of 2017. Pawn Storm's attacks usually are not isolated incidents. We can often relate them to earlier attacks by carefully looking at the technical indicators and motives. Post from: Trendlabs Security Intelligence Blog - by Trend Micro Update on Pawn Storm: New Targets and Politically Motivated Campaigns | APT 28 | ||
|
2017-12-23 13:48:25 | Russian Fancy Bear APT Group improves its weapons in ongoing campaigns (lien direct) | >Fancy Bear APT group refactored its backdoor and improved encryption to make it stealthier and harder to stop. The operations conducted by Russian Fancy Bear APT group (aka Sednit, APT28, and Sofacy,  Pawn Storm, and Strontium) are even more sophisticated and hard to detect due to. According to a new report published by experts from security firm ESET, the […] | APT 28 | ||
 |
2017-12-21 16:20:00 | Russia\'s Fancy Bear APT Group Gets More Dangerous (lien direct) | Encryption and code refreshes to group's main attack tool have made it stealthier and harder to stop, ESET says. | APT 28 | ||
|
2017-12-21 13:58:28 | Sednit update: How Fancy Bear Spent the Year (lien direct) | Over the past few years the Sednit group has used various techniques to deploy their various components on targets computers. The attack usually starts with an email containing either a malicious link or malicious attachment. | APT 28 | ||
|
2017-11-15 10:00:45 | November\'s Patch Tuesday Includes Defense in Depth Update for Attacks Abusing Dynamic Data Exchange (lien direct) | Microsoft rolled out fixes for over 50 security issues in this month's Patch Tuesday. The updates cover vulnerabilities and bugs in the Windows operating system, Internet Explorer (IE), Edge, ASP .NET Core, Chakra Core browsing engine, and Microsoft Office. Microsoft also released a security advisory providing defense-in-depth mitigations against attacks abusing the Dynamic Data Exchange (DDE) protocol in light of recent attacks misusing this feature. Abusing DDE isn't new, but the method has made a resurgence with reports of cyberespionage and cybercriminal groups such as Pawn Storm, Keyboy, and FIN7 leveraging it to deliver their payloads. Post from: Trendlabs Security Intelligence Blog - by Trend Micro November's Patch Tuesday Includes Defense in Depth Update for Attacks Abusing Dynamic Data Exchange | APT 28 APT 23 | ||
|
2017-11-14 19:30:02 | Fancy Bears Use Microsoft Vulnerability To Play On US Terrorism Fears (lien direct) | The ISBuzz Post: This Post Fancy Bears Use Microsoft Vulnerability To Play On US Terrorism Fears | APT 28 | ||
|
2017-11-10 11:43:05 | Fancy Bear found distributing malware again (lien direct) | >The Russian linked hacking group Fancy Bear has been discovered in delivering malware to targeted users by exposing a recently disclosed technique that involves Microsoft Windows feature Dynamic Data Exchange. View Full Story ORIGINAL SOURCE: Security Week | APT 28 | ||
|
2017-11-09 06:54:05 | Russia-Linked APT28 group observed using DDE attack to deliver malware (lien direct) | >Security experts at McAfee observed the Russian APT28 group using the recently reported the DDE attack technique to deliver malware in espionage campaign. Security experts at McAfee observed the Russian APT group APT28 using the recently reported the DDE technique to deliver malware in targeted attacks. The cyber spies were conducting a cyber espionage campaign that involved blank documents […] | APT 28 | ||
|
2017-11-09 01:14:31 | Russian \'Fancy Bear\' Hackers Using (Unpatched) Microsoft Office DDE Exploit (lien direct) | Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it.
Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the
|
APT 28 | ||
|
2017-11-08 08:41:21 | Russia-Linked Spies Deliver Malware via DDE Attack (lien direct) | The Russia-linked cyber espionage group tracked as APT28 and Fancy Bear has started delivering malware to targeted users by leveraging a recently disclosed technique involving Microsoft Office documents and a Windows feature called Dynamic Data Exchange (DDE). | APT 28 | ||
 |
2017-11-07 18:00:00 | Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack (lien direct) | 
This blog post was co-written by Michael Rea. During our monitoring of activities around the APT28 threat group, McAfee Advanced Threat Research analysts identified a malicious Word document that appears to leverage the Microsoft Office Dynamic Data Exchange (DDE) technique that has been previously reported by Advanced Threat Research. This document likely marks the first …
|
APT 28 | ★★★★ | |
 |
2017-11-05 16:59:02 | Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack (lien direct) | In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/486500376/0/thesecurityledger -->» | APT 28 | ||
|
2017-11-03 08:52:21 | Russian \'Fancy Bear\' Hackers Abuse Blogspot for Phishing (lien direct) | The cyber espionage group known as Fancy Bear, which is widely believed to be backed by the Russian government, has been abusing Google's Blogspot service in recent phishing attacks. | APT 28 | ||
|
2017-11-02 21:51:07 | AP: Russia hackers had targets worldwide, beyond US election (lien direct) | The Associated Press is reporting on a trove of data accidentally leaked by the Russian-backed advanced persistent threat (APT) group known as Fancy Bear that suggests the group conducted a years-long campaign against targets in the US, Ukraine, Russia, Georgia and Syria. The documents, which were discovered by the security firm Secureworks,...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/484600838/0/thesecurityledger -->» | APT 28 | ||
|
2017-10-29 09:28:35 | Security Affairs newsletter Round 134 – News of the week (lien direct) | >A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! ·Â Â Â Â Â A leaked document raises a doubt about NSA knew the #Krack attack since 2010 ·Â Â Â Â Â APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches ·Â Â Â Â Â DHS […] | APT 28 | ||
|
2017-10-26 15:16:29 | Fancy Bear Hackers Race To Exploit Flash Bug Against The US And Europe (lien direct) | The ISBuzz Post: This Post Fancy Bear Hackers Race To Exploit Flash Bug Against The US And Europe | APT 28 | ||
|
2017-10-24 06:32:53 | Latest Russia-linked APT28 campaign targeting security experts (lien direct) | >Russian cyber espionage group APT28 targeted individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Researchers with Cisco Talos have spotted a Russian cyber espionage group targeting individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Experts attributed the attack to the dreaded Russian APT28 group, aka Pawn Storm, Fancy Bear, Sofacy, Group 74, Sednit, […] | APT 28 | ||
|
2017-10-22 11:29:08 | APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches (lien direct) | >The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed attacks on organizations […] | APT 28 | ||
|
2017-10-20 11:06:44 | Russian Hackers Exploit Recently Patched Flash Vulnerability (lien direct) | The Russia-linked cyber espionage group known as APT28 has been using a recently patched Adobe Flash Player vulnerability in attacks aimed at government organizations and aerospace companies, security firm Proofpoint reported on Thursday. | APT 28 | ||
|
2017-10-20 10:04:46 | Fancy Bear Hackers rush to Exploit Flash bug (lien direct) | >Russian hacking group, the Fancy Bear’s, are rushing to exploit the recently disclosed Adobe Flash bug before patches are widely used. View Full Story ORIGINAL SOURCE: IBTimes | APT 28 |
To see everything:
Our RSS (filtrered)
