Exposing GRU’s Involvement in U.S Election Interference – 2016 – An OSINT Analysis

Dear blog readers, Continuing the “FBI’s Most Wanted Cybercriminals” series I’ve decided to share some of the actionable intelligence that I have on GRU’s involvement in the 2016 U.S Election interference with the idea to assist U.S Law Enforcement and …

Norwegian police implicate Fancy Bear in parliament hack, describe ‘brute forcing’ of email accounts

Norwegian authorities on Tuesday got more specific in their accusation of Russian involvement in an August cyberattack on Norwegian parliament, implicating the same notorious group of suspected Russian military intelligence hackers accused of interfering in the 2016 U.S. election. Fancy Bear or APT28 — a group of hackers linked with Russia’s GRU military agency — was likely behind the breach, which resulted in the theft of “sensitive content” from some Norwegian lawmakers’ email accounts, Norway’s national police agency said in a statement. The attackers used a common technique called “brute forcing,” which bombards accounts with passwords until one works, to access the Norwegian parliament’s email system, according to the statement signed by Norwegian police attorney Anne Karoline Bakken Staff. The Fancy Bear operatives then tried to move further into parliament’s IT systems, according to the statement, but were unsuccessful. The intrusions were part of a broader suspected Fancy Bear campaign […]

The post Norwegian police implicate Fancy Bear in parliament hack, describe ‘brute forcing’ of email accounts appeared first on CyberScoop.


Inside the DoJ’s GRU Indictments for Cyber Meddling

For the third time in the past two years, the United States has indicted intelligence officers associated with Russia’s Main Intelligence Directorate (GRU), the military intelligence entity of the General Staff of the Armed Forces of the Russian Feder…

EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack

The European Union on Thursday sanctioned the head of a Russian military intelligence unit, an alleged hacker wanted by the FBI and a Russian government-linked hacking group over a 2015 cyberattack against Germany’s parliament. It’s only the second time the EU has issued cyber-related sanctions, following July sanctions against Russia, China and North Korea in connection with a string of unrelated cyberattacks. Now, as then, the General Staff Main Intelligence Directorate, commonly known as the GRU, is among the targets of the EU’s ire. Igor Kostyukov, head of the GRU, was hit with sanctions in Thursday’s action over the Bundestag hack. So, too, was alleged intelligence officer Dmitry Badin, previously indicted in the U.S. for his role in 2016 election interference. The EU also sanctioned the GRU-connected hacking group known as Fancy Bear, among other names, which the U.S. has likewise connected to 2016 election meddling. “The cyber-attack against the German federal parliament targeted the parliament’s information […]

The post EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack appeared first on CyberScoop.


GRU Agents Indicted for Hacking Multiple Targets

The DoJ has charged six Russians, allegedly working for the GRU, with a huge range of computer crimes.
The post GRU Agents Indicted for Hacking Multiple Targets appeared first on Security Boulevard.

Microsoft looks to expose espionage groups taking aim at NGOs, US politics

Foreign espionage groups, including those bent on undermining the U.S. political process, have targeted non-government organizations and think tanks more than any other sector in a bid to gather intelligence, according to new data from Microsoft. Of the thousands of notifications Microsoft made to customers about state-linked hacking activity from mid-2019 to mid-2020, NGOs accounted for 32% of those alerts, the company said in a report released Tuesday. And over 90% of those notifications have been outside of critical infrastructure sectors. The focus on targets outside Washington suggests hacking groups could be in search of softer targets during an election season when Democratic and Republican campaigns have enlisted more people and technology to protect their networks. Those changes came after suspected Russian military hackers breached the Democratic National Committee in 2016 and leaked emails aimed at damaging Hillary Clinton’s campaign. “At the national level and the leading campaigns, there’s a much higher degree of vigilance,” Microsoft’s Tom Burt told CyberScoop, comparing the state of […]

The post Microsoft looks to expose espionage groups taking aim at NGOs, US politics appeared first on CyberScoop.


FBI Reports on Linux Drovorub Malware

The FBI and the NSA released a report on the Russian-based malware that attacks Linux known as Drovorub (PDF) and it is an interesting read. Drovorub uses a kernel module rootkit and allows a remote attacker to control your computer, transfer files, and forward ports. And the kernel module takes …


Russia’s GRU Military Unit Behind Previously Unknown Linux Malware, NSA Says

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have revealed the existence of a new piece of malware named Drovorub, most likely developed by a military unit of the Russian General Staff Main Intelligence Directorate (…