Category Archives: Fancy Bear

Pentagon again deploying cyber personnel abroad to gather intel for 2020 elections

Posted on by

The Pentagon once again is sending cyber personnel overseas to gather intelligence to help protect the 2020 presidential elections against foreign interference, the U.S. Embassy in Montenegro announced this week. U.S. European Command and U.S. Cyber Command are deploying an undisclosed number of staffers to Montenegro in order to gain insights into cyber threats from adversaries before both the U.S. and Montenegrin elections next year. It’s the second time in as many years the Department of Defense is running going through the effort as part of a partnership that’s uniquely poised to provide insights on possible Russian election interference. Montenegro and the U.S. both have been targeted by the Russian government-linked hacking outfit APT28, or Fancy Bear. If Cyber Command uncovers similar activity again in Montenegro, those insights could inform decisions on how to safeguard the U.S. “Montenegro is among the first in Europe to face unconventional attacks on its democracy and freedom […]

The post Pentagon again deploying cyber personnel abroad to gather intel for 2020 elections appeared first on CyberScoop.

Continue reading Pentagon again deploying cyber personnel abroad to gather intel for 2020 elections

Fancy Bear Targeting Anti-Doping Organizations Ahead of 2020 Olympic Games

Posted on by

Fancy Bear has begun targeting anti-doping authorities and sporting organizations ahead of the 2020 Summer Olympic Games. On October 28, the Microsoft Threat Intelligence Center revealed that it had identified at least 16 national and international org… Continue reading Fancy Bear Targeting Anti-Doping Organizations Ahead of 2020 Olympic Games

Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics

Posted on by

As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers.

Microsoft has issued a short notice, warning about a new wav… Continue reading Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics

Fancy Bear hackers targeted at least 16 athletic organizations ahead of Tokyo Olympics

Posted on by

State-sponsored Russian hackers are targeting anti-doping authorities and other sports-related organizations ahead of the Tokyo Olympics in 2020, Microsoft announced on Monday. The hacking group known as Fancy Bear — or Strontium, APT28 and other names — targeted at least 16 national and international organizations across three continents starting Sept. 16, Tom Burt, Microsoft’s vice president for customer security and trust said in a blog post. That date roughly coincides with when World-Anti Doping Agency officials told international media outlets that Russia may be banned from all international sporting events over “inconsistencies” at its Moscow testing facility. Microsoft reported Monday that some of the attacks detected in recent weeks were successful, but “the majority were not.” The company did not name any specific victims. The news comes less than a year before the next Summer Games begin in July 2020. The World Anti-Doping Authority long has been a target of interest for Russian hackers. Fancy […]

The post Fancy Bear hackers targeted at least 16 athletic organizations ahead of Tokyo Olympics appeared first on CyberScoop.

Continue reading Fancy Bear hackers targeted at least 16 athletic organizations ahead of Tokyo Olympics

Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks

Posted on by

Attacks are targeting international companies in the financial sector, demanding that victims pay ransom in Bitcoin. Continue reading Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks

Cozy Bear kept moving after 2016 election, ESET says

Posted on by

One of the Kremlin-linked hacking groups that breached the Democratic National Committee in 2016 has remained active in the years that followed, even if it’s been less visible. Cozy Bear, also known as APT29 and the Dukes, began using different malicious software and new hacking techniques after 2016, according to findings published Thursday by the Slovakian security firm ESET. There wasn’t much public evidence of the group’s activity, but researchers say it did not go quiet after interfering in the U.S. presidential election. The hackers targeted U.S. think tanks in 2017, defense contractors in 2018 and three European countries’ ministries of foreign affairs. (The U.S. security firm FireEye suggested in November that Cozy Bear was showing signs of activity.) “Our new research shows that even if an espionage group disappears from public reports for many years, it may not have stopped spying,” ESET said in its report. “The Dukes were able […]

The post Cozy Bear kept moving after 2016 election, ESET says appeared first on CyberScoop.

Continue reading Cozy Bear kept moving after 2016 election, ESET says

Why did President Trump mention CrowdStrike to the Ukrainian president?

Posted on by

During a controversial phone call between President Donald Trump and Ukrainian President Volodymyr Zelenskiy in July, Trump asked Zelensky for a “favor” to help locate a “server” linked with security company CrowdStrike, according to an unclassified transcript of the call released Wednesday. “I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it. I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike … I guess you have one of your wealthy people … The server, they say Ukraine has it,” Trump said, according the document released by the White House. “I think you’re surrounding yourself with some of the same people. I would like to have the [U.S.] Attorney General [William Barr] call you or your people and I would like you to get to the bottom […]

The post Why did President Trump mention CrowdStrike to the Ukrainian president? appeared first on CyberScoop.

Continue reading Why did President Trump mention CrowdStrike to the Ukrainian president?

Russian government hackers used office technology to try to breach privileged accounts

Posted on by

Early this spring, Russian government-linked hackers used three popular internet of things devices with weak security to access several Microsoft customers’ networks, then tried infiltrating more privileged accounts, researchers announced Monday. The company’s Threat Intelligence center said the STRONTIUM group, also known as APT 28 and Fancy Bear, leveraged weak security in an office printer, video decoders and voice over IP, or VOIP, phone to access wider systems. The attacks occurred as recently as April, Microsoft said, adding that hackers used insecure IoT devices as a means to attempt to break into valuable accounts where they would have found more sensitive data. Microsoft disclosed neither the affected devices, nor which of its customers were impacted. “While much of the industry focuses on the threats of hardware implants, we can see in this example that adversaries are happy to exploit simpler configuration and security issues to achieve their objectives,” Microsoft researchers wrote in their […]

The post Russian government hackers used office technology to try to breach privileged accounts appeared first on CyberScoop.

Continue reading Russian government hackers used office technology to try to breach privileged accounts