Russian Midnight Blizzard Hackers Breached Microsoft Source Code

By Deeba Ahmed
Midnight Blizzard (aka Cozy Bear and APT29) originally breached Microsoft on January 12, 2024.
This is a post from HackRead.com.

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts

US government and allies expose TTPs used by notorious Russian hacking teams and warn of the targeting of dormant cloud accounts.
The post Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts appeared first on SecurityWeek.

HPE Says Russian Government Hackers Had Access to Emails for 6 Months

HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months.
The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on SecurityWeek.

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives.
The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek.

Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach

By Waqas
Polish authorities and FortiGuard Labs have issued a warning to customers about a new wave of cyberattacks associated with TeamCity.
This is a post from HackRead.com.

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies

US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability.
The post Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies appeared first on SecurityWeek.

Russian hacking unit Cozy Bear adds Google Drive to its arsenal, researchers say

APT29, one of the SVR’s most active and successful hacking groups, has been using the cloud service to help deliver malware, the researchers said.

The post Russian hacking unit Cozy Bear adds Google Drive to its arsenal, researchers say appeared first on CyberScoop.


Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings

President Joe Biden urging Vladimir Putin to crack down on cyberattacks coming from within Russian borders doesn’t seem to have convinced the Kremlin to give it up just yet. RiskIQ said in a report Friday that it uncovered active hacking infrastructure that Western governments attributed last summer to the Russian SVR intelligence agency-linked APT29 or Cozy Bear, which it used at the time to try to steal Covid-19 research. Known as WellMess or WellMail, the malware warranted government alerts in July of 2020 from the U.S., U.K. and Canada. In April, the FBI urged organizations to patch five known vulnerabilities that U.S. officials said were the subject of exploitation by the SVR. RiskIQ identified three dozen command and control servers serving WellMess that the company said were under APT29 control. It focused on the infrastructure after a U.S.-Russia summit where cyberattacks came up. “The activity uncovered was notable given the […]

The post Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings appeared first on CyberScoop.
