5 Infamous Hacks You Didn’t Know Were Phishes

Despite the common knowledge around phishing, even the most tech-savvy are still falling prey to the tactic. In fact, millennials are more likely to become a phishing victim than their grandparents are. Why is that? Few outside of the IT and security…

Cyber Command’s latest VirusTotal upload has been linked to an active attack

The malware sample that U.S. Cyber Command uploaded to VirusTotal last week is still involved in active attacks, multiple security researchers tell CyberScoop. Researchers from Kaspersky Lab and ZoneAlarm, a software security company run by Check Point Technologies, tell CyberScoop they have linked the malware with APT28, the same hacking group that breached the Democratic National Committee during the 2016 election cycle. A variant of the malware is being used in ongoing attacks, hitting targets as recently as this month. The targets include Central Asian nations, as well as diplomatic and foreign affairs organizations, Kaspersky Lab’s principal security researcher Kurt Baumgartner tells CyberScoop. While ZoneAlarm can’t confirm the targets the attack is focused on, the company detected the specific malware hash in an active attack in the Czech Republic last week, Lotem Finkelsteen, ZoneAlarm’s Threat Intelligence Group Manager, tells CyberScoop. “Although we cannot confirm such an attack,” Finkelsteen said, referring to the […]

The post Cyber Command’s latest VirusTotal upload has been linked to an active attack appeared first on CyberScoop.

There’s A Lot We Still Don’t Know About WikiLeaks’ Role In The 2016 Election

The Mueller report leaves some unanswered questions on Julian Assange and WikiLeaks’s role in the hack and leak against the DNC and John Podesta.

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections

As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.

As Europe prepares to vote, Microsoft warns of Fancy Bear attacks on democratic think tanks

Three months before parliamentary elections in Europe, Microsoft says it has detected hacking attempts on democracy-focused think tanks from the Russian hacking group that breached the Democratic National Committee in 2016. From September to December 2018, hackers conducted cyberattacks on employees of the Aspen Institutes in Europe, the German Council on Foreign Relations, and the German Marshall Fund, Microsoft said late Tuesday. Microsoft said it was “confident” the hacking group it calls Strontium, more commonly known as Fancy Bear or APT28, was responsible for many of the attacks. Western officials have attributed the group to Russia’s military intelligence directorate. The malicious cyber activity concentrated on 104 accounts of think tank employees based in Belgium, France, Germany, Poland, Romania, and Serbia. Two of the affected organizations contacted by CyberScoop indicated the hacking attempts were unsuccessful. Andrew Kolb, a German Marshall Fund spokesman, told CyberScoop that there was no evidence his organization’s systems were compromised. Tyson Barker, […]

The post As Europe prepares to vote, Microsoft warns of Fancy Bear attacks on democratic think tanks appeared first on CyberScoop.

For foreign hackers, 2018 was all about subtlety, CrowdStrike says

Nation-state hackers from China, Russia and elsewhere spent last year updating their tradecraft and tightening their focus on espionage targets, according to a new CrowdStrike report examining the evolution of cyber-espionage in 2018. The year didn’t see a suspected state-sponsored cyberattack on the scale of 2017’s NotPetya or WannaCry ransomware campaigns, which researchers have suggested were the work of Russian and North Korean hackers, respectively. But in the absence of another headline-grabbing crime spree, international hackers sought to advance their bosses’ interests in more subtle ways: by more carefully determining who to hack and moving more quickly once inside, CrowdStrike said. Chinese actors re-ignited their attacks against American targets amid a trade war with the U.S. Russia continued its reconnaissance efforts, while North Korea used digital techniques to generate cryptocurrency that would help Pyongyang avoid sanctions. Meanwhile, in Iran, state-sponsored hackers focused on domestic targets and rivals in the Middle […]

The post For foreign hackers, 2018 was all about subtlety, CrowdStrike says appeared first on CyberScoop.

Japanese government will try to hack its citizens’ IOT devices

Japan will hack citizens’ IoT devices to mop up cyber security before the Olympics. Don’t like the notion? Here’s how to lock ’em down!

Two suspected Russian hacking groups share tools and techniques, Kaspersky says

Multiple groups of suspected Russian hackers have a relationship with one another that includes sharing malicious software code and hacking techniques, according to new research. The Moscow-based security vendor Kaspersky Lab on Thursday released findings tying the espionage group GreyEnergy with Zebrocy. Zebrocy is the name researchers have given to a group affiliated with suspected Russian military hackers known as Sofacy (or Fancy Bear, or APT 28), the alleged perpetrator in the hacking of the Democratic National Committee in 2016. Both groups used the same command-and-control servers — the infrastructure that allows hackers to maintain communications with compromised machines — to simultaneously target the same organization, according to Kaspersky. They also sent similar phishing emails disguised as messages from the Ministry of the Republic of Kazakhstan within one week. Our research confirms #GreyEnergy and #Zebrocy shared the C2 server infrastructure and both targeted the same organization almost at the same time. It […]

The post Two suspected Russian hacking groups share tools and techniques, Kaspersky says appeared first on CyberScoop.
