EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack

The European Union on Thursday sanctioned the head of a Russian military intelligence unit, an alleged hacker wanted by the FBI and a Russian government-linked hacking group over a 2015 cyberattack against Germany’s parliament. It’s only the second time the EU has issued cyber-related sanctions, following July sanctions against Russia, China and North Korea in connection with a string of unrelated cyberattacks. Now, as then, the General Staff Main Intelligence Directorate, commonly known as the GRU, is among the targets of the EU’s ire. Igor Kostyukov, head of the GRU, was hit with sanctions in Thursday’s action over the Bundestag hack. So, too, was alleged intelligence officer Dmitry Badin, previously indicted in the U.S. for his role in 2016 election interference. The EU also sanctioned the GRU-connected hacking group known as Fancy Bear, among other names, which the U.S. has likewise connected to 2016 election meddling. “The cyber-attack against the German federal parliament targeted the parliament’s information […]

The post EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack appeared first on CyberScoop.

GRU Agents Indicted for Hacking Multiple Targets

The DoJ has charged six Russians, allegedly working for the GRU, with a huge range of computer crimes.
The post GRU Agents Indicted for Hacking Multiple Targets appeared first on Security Boulevard.

Microsoft looks to expose espionage groups taking aim at NGOs, US politics

Foreign espionage groups, including those bent on undermining the U.S. political process, have targeted non-government organizations and think tanks more than any other sector in a bid to gather intelligence, according to new data from Microsoft. Of the thousands of notifications Microsoft made to customers about state-linked hacking activity from mid-2019 to mid-2020, NGOs accounted for 32% of those alerts, the company said in a report released Tuesday. And over 90% of those notifications have been outside of critical infrastructure sectors. The focus on targets outside Washington suggests hacking groups could be in search of softer targets during an election season when Democratic and Republican campaigns have enlisted more people and technology to protect their networks. Those changes came after suspected Russian military hackers breached the Democratic National Committee in 2016 and leaked emails aimed at damaging Hillary Clinton’s campaign. “At the national level and the leading campaigns, there’s a much higher degree of vigilance,” Microsoft’s Tom Burt told CyberScoop, comparing the state of […]

The post Microsoft looks to expose espionage groups taking aim at NGOs, US politics appeared first on CyberScoop.

FBI Reports on Linux Drovorub Malware

The FBI and the NSA released a report on the Russian-based malware that attacks Linux known as Drovorub (PDF) and it is an interesting read. Drovorub uses a kernel module rootkit and allows a remote attacker to control your computer, transfer files, and forward ports. And the kernel module takes …

Russia’s GRU Military Unit Behind Previously Unknown Linux Malware, NSA Says

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have revealed the existence of a new piece of malware named Drovorub, most likely developed by a military unit of the Russian General Staff Main Intelligence Directorate (…

EU sanctions Russian intelligence, Chinese nationals and a North Korean front company for alleged hacks

The European Union has sanctioned six people and three organizations in Russia, China and North Korea in connection with three major cyberattacks dating back to 2017. EU officials announced Thursday they would enact restrictive measures against the people they deemed responsible for the WannaCry ransomware outbreak in 2017, the NotPetya campaign and Operation Cloud Hopper, a Chinese cyber-espionage effort. Penalties include a travel ban and an asset freeze, and prohibit people and organizations in the EU from “making funds available” to the sanctioned individuals and entities. The move follows previous U.S. allegations against many of the same parties. “Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool,” officials said in a statement. The sanctions name unit 74455 of Russia’s […]

The post EU sanctions Russian intelligence, Chinese nationals and a North Korean front company for alleged hacks appeared first on CyberScoop.

NSA: Russia Hacking U.S. Firms, via Old Exim Flaw

The Russian state is breaking into companies, exploiting a vulnerability in an open-source email server.
The post NSA: Russia Hacking U.S. Firms, via Old Exim Flaw appeared first on Security Boulevard.

NSA calls out Russian military hackers targeting mail relay software

Hackers working for Russia’s intelligence agency have been exploiting a vulnerability in mail relay software since August of last year, according to an alert issued Thursday by the National Security Agency. The NSA publicly attributes the actions to the Russian military’s Main Center for Special Technologies (GTsST). That group is more commonly known as Sandworm, the hacking group believed to be responsible for Ukraine grid disruptions. The alert comes amid a broader agency effort to publicly share more unclassified threat intelligence. The NSA established a cybersecurity directorate last year to take the reins on providing real-time information in the hope of preventing digital intrusions against U.S. networks. The Exim Mail Transfer Agent (MTA) vulnerability exploited in this case, CVE-2019-10149, allows the threat actors to execute commands and code remotely. When Sandworm exploits the vulnerability, victim machines download and execute a shell script from a Sandworm-controlled domain, according to […]

The post NSA calls out Russian military hackers targeting mail relay software appeared first on CyberScoop.
