#seashellblizzard — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #seashellblizzard, aggregated by home.social.
-
Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities https://hackread.com/amazon-russia-gru-hackers-misconfigured-vulnerabilities/ #SeashellBlizzard #CurlyCOMrades #Cybersecurity #Vulnerability #CyberAttack #CyberCrime #Security #Sandworm #Malware #Amazon #Russia #APT44 #0day #AWS #GRU
-
Seashell Blizzard Attack Detection: A Long-Running Cyber-Espionage “BadPilot” Campaign by russian-linked Hacking Group – Source: socprime.com https://ciso2ciso.com/seashell-blizzard-attack-detection-a-long-running-cyber-espionage-badpilot-campaign-by-russian-linked-hacking-group-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #SeashellBlizzard #Latestthreats #socprimecom #BadPilot #Sandworm #socprime #APT44 #Blog #APT
-
#G0034 #apt44 #seashellblizzard > The #BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation | Microsoft Security Blog
-
Good day everyone, new Blizzard has dropped!
Microsoft's Threat Intelligence shares their research on a Russian state actor dubbed #SeashellBlizzard! Part of the GRU, they specialize in operations from espionage to information operation and cyber-enabled disruptions which have resulted in destructive attacks and manipulation of ICS. They have leveraged different types of malware to include #KillDisk, #FoxBlade, and #NotPetya.
Behavior Summary (With MITRE ATT&CK):
Initial Access - TA0001:
Exploit Public-Facing Application - T1190
Seashell Blizzard commonly exploited vulnerable public facing infrastructure.
Persistence - TA0003:
Create or Modify System Process: Windows Service - T1543.003
Among other means of persistence, Seashell Blizzard created a system service.
Execution - TA0002:
Command and Scripting Interpreter: PowerShell - T1059.001
Command and Scripting Interpreter: Windows Command Shell - T1059.003
Seashell Blizzard abused both of these living off the land binaries for multiple reasons and using multiple different parameters.
As always, there is WAAAAY too many technical details here, so go check it out yourself! Enjoy the read and Happy Hunting!
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
https://www.microsoft.com/en-us/security/blog/2025/02/12/the-badpilot-campaign-seashell-blizzard-subgroup-conducts-multiyear-global-access-operation/
Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
-
Russian Seashell Blizzard Hackers Have Access to Critical Infrastructure: Microsoft – Source: www.securityweek.com https://ciso2ciso.com/russian-seashell-blizzard-hackers-have-access-to-critical-infrastructure-microsoft-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #SeashellBlizzard #securityweekcom #securityweek #NationState #Microsoft #FEATURED #Sandworm #Russia #APT44
-
Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft https://www.securityweek.com/russian-seashell-blizzard-hackers-gain-maintain-access-to-high-value-targets-microsoft/ #SeashellBlizzard #Nation-State #Microsoft #Sandworm #Russia #APT44