#fancybear — Public Fediverse posts

https://www.europesays.com/britain/10074/ UK NCSC says APT28 exploits routers for DNS hijacking, enabling large-scale traffic interception #AdversaryInTheMiddle #AiTM #APT28 #AuthenticationToken #CredentialHarvesting #CyberOperations #DHCP #DNSHijacking #espionage #FancyBear #ForestBlizzard #MilitaryIntelligence #NCSC #NetworkCompromise #RouterConfigurations #routers #SednitGang #Sofacy #Strontium #TrafficInterception #UK #UnitedKingdom #vulnerabilities

📢 Russian-linked #ForestBlizzard hackers hijack home routers for global surveillance, as Microsoft warns that thousands of devices are compromised to intercept traffic and sensitive data.

Read: https://hackread.com/russian-forest-blizzard-hackers-hijack-home-routers/

#CyberSecurity #Hacking #Russia #FancyBear #Routers

Authorities disrupt router #DNS hijacks used to steal #Microsoft365 logins

https://www.bleepingcomputer.com/news/security/authorities-disrupt-dns-hijacks-used-to-steal-microsoft-365-logins/

#cybersecurity #Microsoft #MikroTik #TPLink #FrostArmada #Russia #FancyBear

https://www.europesays.com/ee/148861/ USA tegi kahjutuks ruuteritesse häkkinud GRU võrgustiku | Välismaa #apt28 #BfV #BreakingNews #BreakingNews #EE #Eesti #EestiKeel #Estonia #Estonian #FancyBear #FBI #FeaturedNews #FeaturedNews #ForestBlizzard #gchq #GRU #Headlines #LatestNews #LatestNews #mikrotik #ncsc #News #PopulaarseimadLood #ruuterid #TopStories #TopStories #TpLink #ÜldisedUudised #Uudised #VeneHäkkerid #ViimasedUudised

Warnung aus UK 🇬🇧 : Russische Cyberkriminelle kapern Router zum Passwort-Klau | heise online https://www.heise.de/news/Warnung-aus-UK-Russische-Cyberkriminelle-kapern-Router-zum-Passwort-Klau-11247959.html #CyberCrime #Russland 🇷🇺 #Russia 🇷🇺 #APT28 #ForestBlizzard #FancyBear #STRONTIUM #Sednit #Sofacy

Warnung aus UK 🇬🇧 : Russische Cyberkriminelle kapern Router zum Passwort-Klau | heise online https://www.heise.de/news/Warnung-aus-UK-Russische-Cyberkriminelle-kapern-Router-zum-Passwort-Klau-11247959.html #CyberCrime #Russland 🇷🇺 #Russia 🇷🇺 #APT28 #ForestBlizzard #FancyBear #STRONTIUM #Sednit #Sofacy

Warnung aus UK 🇬🇧 : Russische Cyberkriminelle kapern Router zum Passwort-Klau | heise online https://www.heise.de/news/Warnung-aus-UK-Russische-Cyberkriminelle-kapern-Router-zum-Passwort-Klau-11247959.html #CyberCrime #Russland 🇷🇺 #Russia 🇷🇺 #APT28 #ForestBlizzard #FancyBear #STRONTIUM #Sednit #Sofacy

Warnung aus UK 🇬🇧 : Russische Cyberkriminelle kapern Router zum Passwort-Klau | heise online https://www.heise.de/news/Warnung-aus-UK-Russische-Cyberkriminelle-kapern-Router-zum-Passwort-Klau-11247959.html #CyberCrime #Russland 🇷🇺 #Russia 🇷🇺 #APT28 #ForestBlizzard #FancyBear #STRONTIUM #Sednit #Sofacy

Russia Hacked Routers to Steal Microsoft Office Tokens

https://krebsonsecurity.com/2026/04/russia-hacked-routers-to-steal-microsoft-office-tokens/

#NationalCyberSecurityCentre #InternetofThings(IoT) #Ne'er-Do-WellNews #ALittleSunshine #MicrosoftOffice #LatestWarnings #TheComingStorm #BlackLotusLabs #ForestBlizzard #DannyAdamitis #RyanEnglish #FancyBear #MikroTik #TP-Link #APT28 #Lumen

ClearSky exposes Russian cyber operation targeting Ukraine with newly discovered BadPaw, MeowMeow malware https://www.byteseu.com/1852118/ #APT28 #BadPaw #ClearSky #Conflicts #CyberOperation #FancyBear #malware #MeowMeow #Powershell #Russia #RussiaUkraineWar #RussiaUkraine #RussianInvasionOfUkraine #RussoUkrainianWar #ThreatLandscape #Ukraine #utilities

Russian BlueDelta (Fancy Bear) uses PDFs to steal logins in just 2 seconds, targeting energy and research professionals globally.

Read: https://hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/

#BlueDelta #FancyBear #Phishing #CyberSecurity #Russia

Ukrainian Government Systems Targeted With Backdoors Hidden in Cloud APIs and Docs https://thecyberexpress.com/ukrainian-government-systems-targeted/ #UkrainianGovernmentSystems #TheCyberExpressNews #TheCyberExpress #FirewallDaily #CyberWarfare #MalwareNews #CyberNews #Espionage #FancyBear #Phishing #CERTUA #Russia #Signal #APT28 #APT28 #ICS

Ukrainian Government Systems Targeted With Backdoors Hidden in Cloud APIs and Docs https://thecyberexpress.com/ukrainian-government-systems-targeted/ #UkrainianGovernmentSystems #TheCyberExpressNews #TheCyberExpress #FirewallDaily #CyberWarfare #MalwareNews #CyberNews #Espionage #FancyBear #Phishing #CERTUA #Russia #Signal #APT28 #APT28 #ICS

Ukrainian Government Systems Targeted With Backdoors Hidden in Cloud APIs and Docs https://thecyberexpress.com/ukrainian-government-systems-targeted/ #UkrainianGovernmentSystems #TheCyberExpressNews #TheCyberExpress #FirewallDaily #CyberWarfare #MalwareNews #CyberNews #Espionage #FancyBear #Phishing #CERTUA #Russia #Signal #APT28 #APT28 #ICS

Ukrainian Government Systems Targeted With Backdoors Hidden in Cloud APIs and Docs https://thecyberexpress.com/ukrainian-government-systems-targeted/ #UkrainianGovernmentSystems #TheCyberExpressNews #TheCyberExpress #FirewallDaily #CyberWarfare #MalwareNews #CyberNews #Espionage #FancyBear #Phishing #CERTUA #Russia #Signal #APT28 #APT28 #ICS

Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected https://hackread.com/zimbra-cve-2024-27443-xss-flaw-hit-sednit-servers/ #Cybersecurity #Vulnerability #CyberAttacks #CyberAttack #FancyBear #Security #Russia #Sednit #Zimbra #XSS

Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected – Source:hackread.com https://ciso2ciso.com/zimbra-cve-2024-27443-xss-flaw-hits-129k-servers-sednit-suspected-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #CyberAttacks #CyberAttack #FancyBear #Hackread #security #Russia #Sednit #Zimbra #XSS

⚠️ Critical #XSS flaw actively exploited in Zimbra Collaboration Suite, putting over 129,000 servers at risk. Researchers suspect involvement of #Sednit (aka Fancy Bear).

Read: https://hackread.com/zimbra-cve-2024-27443-xss-flaw-hit-sednit-servers/

#CyberSecurity #Vulnerability #FancyBear #Zimbra

Detect APT28 Attacks: russian GRU Unit 26156 Targets Western Logistics and Technology Companies Coordinating Aid to Ukraine in a Two-Year Hacking Campaign – Source: socprime.com https://ciso2ciso.com/detect-apt28-attacks-russian-gru-unit-26156-targets-western-logistics-and-technology-companies-coordinating-aid-to-ukraine-in-a-two-year-hacking-campaign-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Latestthreats #GRUUnit26165 #socprimecom #AA25-141A #CISAAlert #FancyBear #Blog

From TV5Monde to Govt: France Blames Russia’s APT28 for Cyberattacks – Source:hackread.com https://ciso2ciso.com/from-tv5monde-to-govt-france-blames-russias-apt28-for-cyberattacks-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #ForestBlizzard #cybersecurity #CyberAttacks #CyberAttack #BlueDelta #FancyBear #Hackread #security #TV5Monde #France #Sednit #Sofacy #APT28

From TV5Monde to Govt: France Blames Russia’s APT28 for Cyberattacks https://hackread.com/tv5monde-govt-france-russia-apt28-cyberattacks/ #ForestBlizzard #Cybersecurity #CyberAttacks #CyberAttack #BlueDelta #FancyBear #Security #TV5Monde #France #Sednit #Sofacy #APT28

Hatte euch das mit #datarade und #datastream schon beunruhigt? Dann solltet ihr evt. die kleine "Bären-Doku" doch nicht anschauen. Das könnte Teile der Bevölkerung ...

https://y.lab.nrw/bthack [ard mediathek]

Aber #NIS2 kommt ja... schon bald...

\__
#simplicissimus #bthack #vsc #xtunnel #fancybear #voodoobear #cyberwar #38c3 #cyberwehr #nohackback #hackback #apt28 #bsi

Nearest Neighbor Attack: Angriff über WLAN des Nachbarn | Security https://www.heise.de/news/US-Firma-ueber-benachbarte-WLAN-Geraete-Dritter-angegriffen-10129358.html #CyberCrime #APT28 #FancyBear #ForestBlizzard #Sofacy #GruesomeLarch

The Russian APT Tool Matrix
#CozyBear #FancyBear #BerserkBear #EMBERBEAR #Sandworm #Gamaredon #Turla
https://blog.bushidotoken.net/2024/09/the-russian-apt-tool-matrix.html

Russian Hackers Suspected in German Air Traffic Control Deutsche Flugsicherung Cyberattack https://thecyberexpress.com/russian-deutsche-flugsicherung-cyberattack/ #criticalinfrastructure #DeutscheFlugsicherung #TheCyberExpressNews #CybersecurityNews #airtrafficcontrol #Vulnerabilities #TheCyberExpress #FirewallDaily #cybersecurity #Cyberattack #FancyBear #Germany #Russia #APT28 #DFS #GRU

Deutsche Flugsicherung offenbar von Russland gehackt

https://www.br.de/nachrichten/deutschland-welt/cyber-attacke-auf-deutsche-flugsicherung,UN7rsL4

#DFS #FancyBear #apt28 #SofacyGroup
#russland #kritis

Russian APT28 Exploiting Windows Vulnerability with GooseEgg Tool https://www.hackread.com/russia-apt28-windows-vulnerability-gooseegg-tool/ #ForestBlizzard #Vulnerability #CyberAttacks #FancyBear #Microsoft #Security #GooseEgg #Windows #Russia #APT28

Microsoft reported that APT28 (Fancy Bear, Forest Blizzard) used a custom tool to elevate privileges and steal credentials in compromised networks. This GooseEgg tool leveraged CVE-2022-38028 (7.8 high, disclosed 11 October 2022 by Microsoft; Windows Print Spooler Elevation of Privilege Vulnerability) as a zero-day since at least June 2020 (possibly as early as April 2019) which was 2 years 4 months. APT28 is publicly attributed to Russian General Staff Main Intelligence Directorate (GRU). IOC provided. 🔗 https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/

cc: @serghei @campuscodi @briankrebs @jwarminsky

#APT28 #cyberespionage #Russia #FancyBear #ForestBlizzard #CVE_2022_38028 #eitw #activeexploitation #GooseEgg

#FBI Dismantles #Ubiquiti Router Botnet Controlled by #Russia
“Non-GRU cybercriminals installed the Moobot malware on Ubiquiti #EdgeOS routers that still used publicly known default administrator #passwords. #GRU hackers then used the #Moobot #malware to install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber #espionage platform,” agency said
https://www.securityweek.com/fbi-dismantles-ubiquiti-router-botnet-controlled-by-russian-cyberspies/ #ForestBlizzard #Sofacy #FancyBear #APT28

Please patch and change #defaultpasswords

GRU 26165: The Russian cyber unit that hacks targets on-site
#cyber #intelligence #threatintel #apts #cybersecurity #fancybear #apt28

https://www.atlanticcouncil.org/content-series/tech-at-the-leading-edge/the-russian-cyber-unit-that-hacks-targets-on-site/