Collaborate Disseminate
Security researchers have identified a new phishing campaign launched by Russian cyberespionage group Fancy Bear that uses rogue blogspot.com URLs to bypass spam filters. These latest attacks were aimed at Bellingcat, a group of volunteers who perform … Continue reading Fancy Bear Cyberspies Hide Phishing Pages Behind Blogspot Links
Sofacy has been using a lure document connected to a cyber conflict conference to target researchers and others interested in cybersecurity. Continue reading Latest Sofacy Campaign Targeting Security Researchers
In the face of allegations that Kaspersky Lab works hand-in-hand with Russian intelligence, the Moscow-based cybersecurity published a detailed report Wednesday exposing a complex and expansive cyber-espionage operation orchestrated by what appears to be a Russia-based hacking group. The research, authored by Kaspersky’s high-level GReAT team, reveals some of the techniques, processes and tools used by an attacker with similarities to two known hacking groups, Sofacy and Turla. Both of these groups are considered advanced persistent threats (APTs) and have been linked to the Russian government by U.S. cybersecurity firms CrowdStrike and FireEye. Kaspersky rarely attributes hacking groups to particular governments. This latest activity revealed by Kaspersky is codenamed “WhiteBear,” as it resembles but doesn’t match up entirely with known Sofacy or Turla operations. WhiteBear is likely a subgroup within or campaign of Turla group, the firm says. Based on a technical analysis by Kaspersky, WhiteBear’s recent activity appears to represent […]
The post Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism appeared first on Cyberscoop.
Continue reading Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism
Researchers believe attacks against wi-fi systems in hotels across Europe and the Middle East track back to Russian-speaking hackers known as APT28. Continue reading APT28 Using EternalBlue to Attack Hotels in Europe, Middle East
Mike Mimoso and Chris Brook discuss the news of the week including the return of the Mamba ransomware, APT trends, a mystery company’s 250K bug bounty, and a high schooler’s $10K bug bounty from Google. Continue reading Threatpost News Wrap, August 11, 2017
Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.
Continue reading Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity
Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide-range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors. Continue reading APT Trends report Q2 2017
Joint report “Grizzly Steppe” implicates Russian hacking group Fancy Bear in U.S. election-related hacking. Continue reading FBI-DHS Report Links Fancy Bear Gang to Election Hacks
As the United States kicks out 35 Russian intelligence officers after alleged election-related hacks, there are clear lessons that businesses and internet users can learn to make life harder for the attackers next time.
Continue reading Who helped Russia “hack” the US election? It might have been you…
German industrial firm ThyssenKrupp said it’s working with authorities to investigate a data breach of unspecified amount of internal data. Continue reading German Industrial Giant Victim of Cyber Espionage