Cyber Security Roundup for March 2018

In the wake of the global political fallout over the Salisbury nerve agent attack, there are reports of a growing threat of Russian state or Russian state-affiliated hacking groups conducting cyber attack reprisals against UK organisations, g…

Trump’s new national security adviser is a DNC breach truther

President Donald Trump’s newly appointed national security adviser has a history of denying that Russian hackers breached the Democratic National Committee in the run-up to the 2016 presidential election. “It’s not at all clear to me just viewing this from the outside that this hacking into the DNC and the RNC computers was not a false flag operation,” John Bolton said on Fox News in December 2016. “The question that has to be asked is, why did the Russians run their smart intelligence service against Hillary [Clinton]’s server, but their dumb intelligence services against the election?” That opinion runs counter to what most cybersecurity experts, the U.S. intelligence community and even current Trump administration officials say. In fact, the only known organization that’s entertained this same assertion is The Nation, a typically left-leaning liberal news outlet, which was subsequently mocked for its story that suggested as much. The latter half of […]

The post Trump’s new national security adviser is a DNC breach truther appeared first on Cyberscoop.

Report: APT28 breached German foreign and defense ministries

Hackers believed to be tied to the Russian government successfully compromised the networks of the German defense and foreign ministries in an attack that may have lasted for a year, German news agency Deutsche Presse-Agentur reported Wednesday. Citing unnamed officials, the news agency reported that APT28 used malware to steal data from the government agencies, but the extent of the impact is unclear. Another German outlet, Deutsche Welle, reports that the hackers infiltrated a specially designed network used by the government to keep communications secure and separate. German press claim that the BSI and BfV intelligence agencies are investigating the breach. APT28, commonly known as FancyBear, has been blamed by both private cybersecurity companies and U.S. intelligence agencies for carrying out attacks that target governments and political entities. Most notably, the group is known for obtaining and then leaking private information from the Democratic National Commission in the 2016 U.S. election. More recently, the […]

The post Report: APT28 breached German foreign and defense ministries appeared first on Cyberscoop.

Russian hacking group Fancy Bear prepares to attack Winter Olympics, U.S. Senate

A hacking group heavily linked to the Russian government is attempting to steal U.S. Senate email login credentials and also appears to be preparing to disrupt the 2018 Winter Olympics in South Korea, based on new research by cybersecurity firms TrendMicro and ThreatConnect. Researchers found that the group, named “APT28,” “Fancy Bear” or “Pawn Storm,” had recently registered numerous malicious domains, some of which mimic legitimate properties related to the 2018 Olympic Games, and sent spearphishing emails to several professional winter sporting organizations, including the International Ski Federation, International Ice Hockey Federation, International Luge Federation, International Bobsleigh & Skeleton Federation and the global governing body for biathlon competitions. Experts say this activity shows that APT28 is laying the groundwork for future operations. The news comes during a period of heightened tension between Moscow and the International Olympic Committee, after a doping scandal saw 43 Russian athletes and several other […]

The post Russian hacking group Fancy Bear prepares to attack Winter Olympics, U.S. Senate appeared first on Cyberscoop.

‘Anglo-Saxon Illuminati’ responsible for Olympic doping controversy, according to Fancy Bear

A hacking group with suspected Russian links published allegedly leaked emails from the International Olympic Committee (IOC) and the World Anti-Doping Agency (WADA) on Wednesday, less than a month before the 2018 Winter Olympics begin in Pyeongchang, South Korea. The group, known as “Fancy Bear,” posted conspiracy theory-laced, Illuminati-themed, heavily doctored pictures of Olympic officials Wednesday with text teasing a new release. A few hours later, the group posted a link to a website and leaked email archives with the title “#WADA vs. #IOC: Fight for Clean Sport or Fight for Power?” A lengthy blog post accused “Anglo-Saxon” nations including the United States of fighting for “power and cash in the sports world” but doing so “on the pretext of defending clean sport.” The group, also known as APT28, is best known as being credited with breaching the Democratic National Committee and Hillary for America campaign in 2016, as well as propaganda tied to other Olympic athletes […]

The post ‘Anglo-Saxon Illuminati’ responsible for Olympic doping controversy, according to Fancy Bear appeared first on Cyberscoop.

Cyber Security Roundup for November 2017

One of the most notable data breaches disclosed this month was by Uber, given the company attempted to cover up the breach by paying off hackers. Over a year ago the transport tech firm was said to have paid £75,000 to two hackers to delete 57 mil…

Fancy Bear Adopts New DDE Attack Against Microsoft Office

Russian cyberespionage group Fancy Bear is using a recently publicized technique that abuses a legitimate Microsoft Office feature to create documents that can install malware. For the past several years the most common method of embedding malicious co…

Russian hackers used NYC terror attack news to lure targets into loading malware

Security researchers recently discovered a notable spear phishing email campaign that used a peculiar, albeit increasingly popular, intrusion technique hidden inside a message concerning a terrorism attack in New York City. The operation appears to have been conducted, according to U.S. cybersecurity firm McAfee, by an infamous group of Russian hackers widely known as APT28 or Fancy Bear. The group is best known for breaching the Democratic National Committee in the run-up to the 2016 U.S. Presidential Election. The malicious emails designed by APT28 may have been recently sent to military personnel located in Germany and France, based on other associated campaigns that were similarly linked to the Russian hackers, explained Ryan Sherstobitoff, a senior analyst with McAfee’s advanced threat research team. “Based on the telemetry we captured, we have observed targets in Europe, specifically France and Germany,” Sherstobitoff said. “The document theme from the previous related campaign has […]

The post Russian hackers used NYC terror attack news to lure targets into loading malware appeared first on Cyberscoop.

Fancy Bear Cyberspies Hide Phishing Pages Behind Blogspot Links

Security researchers have identified a new phishing campaign launched by Russian cyberespionage group Fancy Bear that uses rogue blogspot.com URLs to bypass spam filters. These latest attacks were aimed at Bellingcat, a group of volunteers who perform …