home.social

#forestblizzard — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #forestblizzard, aggregated by home.social.

Eesti @[email protected] · 2026-04-08 · 08:38 UTC

https://www.europesays.com/ee/148861/ USA tegi kahjutuks ruuteritesse häkkinud GRU võrgustiku | Välismaa #apt28 #BfV #BreakingNews #BreakingNews #EE #Eesti #EestiKeel #Estonia #Estonian #FancyBear #FBI #FeaturedNews #FeaturedNews #ForestBlizzard #gchq #GRU #Headlines #LatestNews #LatestNews #mikrotik #ncsc #News #PopulaarseimadLood #ruuterid #TopStories #TopStories #TpLink #ÜldisedUudised #Uudised #VeneHäkkerid #ViimasedUudised

#viimaseduudised #venehakkerid #uudised #uldiseduudised #tplink #topstories
Marcel SIneM(S)US @[email protected] · 2026-04-08 · 03:43 UTC

Warnung aus UK 🇬🇧 : Russische Cyberkriminelle kapern Router zum Passwort-Klau | heise online https://www.heise.de/news/Warnung-aus-UK-Russische-Cyberkriminelle-kapern-Router-zum-Passwort-Klau-11247959.html #CyberCrime #Russland 🇷🇺 #Russia 🇷🇺 #APT28 #ForestBlizzard #FancyBear #STRONTIUM #Sednit #Sofacy

#cybercrime #russland #russia #apt28 #forestblizzard #fancybear
KrebsOnSecurity RSS @[email protected] · 2026-04-07 · 18:00 UTC

Russia Hacked Routers to Steal Microsoft Office Tokens
https://krebsonsecurity.com/2026/04/russia-hacked-routers-to-steal-microsoft-office-tokens/
#NationalCyberSecurityCentre #InternetofThings(IoT) #Ne'er-Do-WellNews #ALittleSunshine #MicrosoftOffice #LatestWarnings #TheComingStorm #BlackLotusLabs #ForestBlizzard #DannyAdamitis #RyanEnglish #FancyBear #MikroTik #TP-Link #APT28 #Lumen

#nationalcybersecuritycentre #internetofthings #ne #alittlesunshine #microsoftoffice #latestwarnings
Not Simon @[email protected] · 2024-04-22 · 16:54 UTC

Microsoft reported that APT28 (Fancy Bear, Forest Blizzard) used a custom tool to elevate privileges and steal credentials in compromised networks. This GooseEgg tool leveraged CVE-2022-38028 (7.8 high, disclosed 11 October 2022 by Microsoft; Windows Print Spooler Elevation of Privilege Vulnerability) as a zero-day since at least June 2020 (possibly as early as April 2019) which was 2 years 4 months. APT28 is publicly attributed to Russian General Staff Main Intelligence Directorate (GRU). IOC provided. 🔗 https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/
cc: @serghei @campuscodi @briankrebs @jwarminsky
#APT28 #cyberespionage #Russia #FancyBear #ForestBlizzard #CVE_2022_38028 #eitw #activeexploitation #GooseEgg

#apt28 #cyberespionage #russia #fancybear #forestblizzard #cve_2022_38028
Benjamin Carr, Ph.D. 👨🏻‍💻🧬 @[email protected] · 2024-02-17 · 15:04 UTC

#FBI Dismantles #Ubiquiti Router Botnet Controlled by #Russia
“Non-GRU cybercriminals installed the Moobot malware on Ubiquiti #EdgeOS routers that still used publicly known default administrator #passwords. #GRU hackers then used the #Moobot #malware to install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber #espionage platform,” agency said
https://www.securityweek.com/fbi-dismantles-ubiquiti-router-botnet-controlled-by-russian-cyberspies/ #ForestBlizzard #Sofacy #FancyBear #APT28
Please patch and change #defaultpasswords

#fbi #ubiquiti #russia #edgeos #passwords #gru