The deputy head of #Ukraines military intelligence told the #Economist that the order has gone out for #Russia to “take something” before #VictoryDay on May 9th, or a week later.
An offensive is expected in the #Kharkiv and #Sumy regions.
The German Foreign Minister said that #apt28, a hacking group led by #Russianmilitary intelligence, was behind the attack and that it "will have consequences," the Kyiv Independent reports.
This analysis of #APT28 aka #ForestBlizzard methodology is being reported all over as though it were special. And while it may be "unique" to the group, it's just...not that special.
Everything I see here should be detected by modern standard defenses. This attack chain doesn't even read like an APT to me; it reads like a cybercrime group.
🔥 Russian #hacking group #APT28, known as Fancy Bear, is using NTLM relay attacks to breach high-value organizations worldwide, including foreign affairs, energy, defense and finance.
#APT28, a Russian threat actor, is using Israel-Hamas war-related lures to distribute the HeadLace backdoor. This targeted campaign affects 13 nations globally.
Cluster25 attributes, with low-medium confidence, the exploitation of CVE-2023-38831 to the Russian state-sponsored group APT28 (Fancy Bear), as part of a phishing campaign designed to harvest credentials from compromised systems. CVE-2023-38831 is a 7.8 high-severity vulnerability in WinRAR that was exploited as a zero-day by cybercriminals and disclosed by Group-IB on 23 August 2023. Link: https://blog.cluster25.duskrise.com/2023/10/12/cve-2023-38831-russian-attack
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #36/2023 is out! It includes the following and much more:
➝ 🇺🇸 ☁️ #Microsoft finally explains cause of #Azure breach: An engineer’s account was hacked
➝ 🎫 🔓 See Tickets says #hackers accessed customers’ payment data — again
➝ 🇳🇱 🔓 Chipmaker NXP Semiconductors confirms #databreach involving customers’ information
➝ 🇬🇧 🔓 #UK election body failed cybersecurity test before hack
➝ 🚮 🔓 #Freecycle confirms massive data breach impacting 7 million users
➝ 🇦🇺 🔓 University of #Sydney data breach impacts recent applicants
➝ 🇷🇺 🇺🇸 Wealthy Russian With #Kremlin Ties Gets 9 Years in #Prison for Hacking and Insider Trading Scheme
➝ 🇺🇸 ✈️ US Aeronautical Organization Hacked via #Zoho, #Fortinet Vulnerabilities
➝ 🇮🇷 🎣 Alert: #Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
➝ 🇺🇦 🇷🇺 #Ukraine's CERT Thwarts #APT28's Cyberattack on Critical Energy #Infrastructure
➝ 🎰 💸 #Crypto #casino Stake.com loses $41 million to hot wallet hackers
➝ 🇺🇸 🇬🇧 US, UK take action against members of the Russian-linked #Trickbot hacker syndicate
➝ 🚗 👀 25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
➝ 🇬🇧 👀 UK lawmakers back down on encryption-busting ‘spy clause’
➝ 🌏 Hundreds of thousands trafficked to work as online scammers in SE #Asia, says UN report
➝ 🇺🇸 ✍🏻 #CISA Hires @dotmudge to Work on Security-by-Design Principles
➝ 🇬🇧 🛒 Children's snack recalled after its website caught serving porn
➝ 🇸🇪 💰 Insurer fined $3M for exposing data of 650k clients for two years
➝ 🇷🇺 Elon Musk's erosion of safety standards at X is helping #Putin spread Russian propaganda, study finds
➝ 🇰🇵 North Korea-backed hackers target security researchers with 0-day
➝ 🎣 Researchers identify high-grade phishing kits attacking nearly 60,000 #Microsoft365 accounts
➝ 🇮🇳 🤖 #India warns of #malware attacks targeting its #Android users
➝ 🇨🇳 💬 Chinese-Speaking Cybercriminals Launch Large-Scale #iMessage Smishing Campaign in U.S.
➝ 💸 💌 Fake #YouPorn extortion #scam threatens to leak your sex tape
➝ 👤 #Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
➝ 🎣 🛡️ #Google is enabling #Chrome real-time phishing protection for everyone
➝ 📱🧨 Hacking device #FlipperZero can spam nearby #iPhones with #Bluetooth pop-ups
➝ 🩹 🍏 #Apple patches “clickless” 0-day image processing #vulnerability in #iOS, #macOS
➝ 🩹 🔓 #AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
📚 This week's recommended reading is: "Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter" by Don Murdoch GSE, MSISE, MBA
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️