2007, Accountability and Information Security

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. ” reads trhe announcement published by DKWOC. “Activities using CVE-2023-23397 were first discovered by CERT-UA[2] and publicly described by Microsoft[3].

Accountability

Accountability Government Phishing Passwords

173 Million Zynga accounts were impacted in the September hack

Security Affairs

DECEMBER 28, 2019

In September Zynga, the American social game developer running social video game services suffered a data breach that 173 Million accounts. Zynga Inc is an American social game developer running social video game services founded in April 2007, it primarily focuses on mobile and social networking platforms. Pierluigi Paganini.

Accountability

Accountability Hacking Data breaches Passwords

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. In some cases, the man manually chacked the stolen information. Brovko was involved in the illegal practice between 2007 and 2019.

Accountability

Accountability Banking Advertising Data collection

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

According to security researchers from Trend Micro, the Russia-linked APT28 cyberespionage group has been scanning vulnerable email servers for more than a year. The group was observed using this scheme between 2019 and 2020, and according to the experts, most of the compromised email accounts belong to defense companies in the Middle East.

Phishing

Phishing Accountability Advertising DNS

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Security Affairs

JUNE 30, 2024

The unauthorized access to the IT infrastructure of the company occurred on June 26, threat actors used the credentials of a standard employee account within its IT environment. Upon detecting the suspicious activity by this account, the company immediately started the incident response measures.

Accountability

Accountability Hacking Architecture Malware

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

Security Affairs

SEPTEMBER 10, 2022

Since at least 2007, the MOIS coordinated a series of cyber operation against government entities and private organizations around the world. In January, USCYBERCOM officially linked the Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros ) to Iran’s Ministry of Intelligence and Security (MOIS).

Government

Government Cyber Attacks Hacking Cyber threats

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. As expected, Ukraine topped the list, accounting for 40% of the activity.”

Malware

Malware Phishing Surveillance Internet

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Security Affairs

JANUARY 11, 2021

His alleged hacking activities “lay claim to the largest theft of US customer data from a single financial institution in history, accounting for a staggering 80 million-plus victims,”. then they marketed the stocks in a deceptive and misleading manner to customers of the targeted companies whose information were previously stolen by TYURIN.

Hacking

Hacking Marketing Identity Theft Banking

Security Affairs - Untitled Article

Security Affairs

SEPTEMBER 29, 2019

Zynga Inc is an American social game developer running social video game services founded in April 2007, it primarily focuses on mobile and social networking platforms. Zynga confirmed that the account login information for certain players of Draw Something and Words With Friends that may have been exposed in the data breach.

Data breaches

Data breaches Mobile Accountability Passwords

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The document also includes a series of recommendations to protect against this type of attack.

Government

Government Accountability Phishing Hacking

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware

Malware Phishing Antivirus Hacking

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. According to the Treasury and DOJ, Tian and Li received funds from North Korea-controlled accounts in at least two cases.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government

Government Telecommunications Accountability Phishing

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. This specific campaign accounted for 86% of the batch of warnings that the Google team sent out for this month.

Phishing

Phishing Government Hacking Accountability

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

Next, the attackers logged in to the web interface using a privileged root account. It’s unknown how the attackers were able to obtain the credentials for that account, but it’s possible the credentials were saved in one of the infected system’s browser password managers.” ” reads the report published by the experts.

Malware

Malware Cryptocurrency Password Management Encryption

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations.” Attackers used Twitter profiles for sharing links to a blog under their control ( br0vvnn[.]io

Malware

Malware Antivirus Hacking Accountability

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

i-SOON is a prominent contractor for various agencies of the Chinese government, including Ministry of Public Security, Ministry of State Security, and the People’s Liberation Army. The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007.

Hacking

Hacking Government Marketing Spyware

Chinese state-sponsored hackers breached TeamViewer in 2016

Security Affairs

MAY 17, 2019

The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007. A recent article warns, “TeamViewer users have had their bank accounts emptied by hackers gaining full-system access”. The gang is financially-motivated and was mostly involved in cyber espionage campaigns.

Advertising

Advertising Architecture Software Cyber Attacks

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “To send the malicious files, the attackers either used LinkedIn directly, or a combination of email and OneDrive.

Advertising

Advertising Malware Passwords Accountability

The Delicate Balance of Security Versus Usability

CyberSecurity Insiders

APRIL 20, 2021

As a security evangelist, you understand the necessity of adhering to a set of security requirements, but as a normal staff member, you can understand the frustration of your non-security coworkers. Is there ever such a thing as being a “normal” staff member after you have crossed into the elite world of information security?

Healthcare

Healthcare Information Security Wireless Security Awareness

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. The researchers noticed that the most common attack against networks and cloud instances is the account takeover. ” continues the report.

Media

Media Accountability Malware Government

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. .

IoT

IoT Hacking Advertising Government

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

System Administration

System Administration Government Phishing Malware

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. .”

Malware

Malware Firmware Government Education

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Security Affairs

OCTOBER 21, 2019

Security experts at ESET have discovered a new malware, dubbed skip-2.0, The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007. used by the Chinese Winnti cyberespionage group to gain persistence on Microsoft SQL Server systems. The skip-2.0 ” The skip-2.0

Malware

Malware Passwords Advertising DNS

Is APT27 Abusing COVID-19 To Attack People ?!

Security Affairs

MARCH 19, 2020

It hijacks method on an old office 2007 component (Office Data Provider for – MSOSTYLE.exe). So it could not be considered malicious, but it could be considered accountable of the entire infection chain. A brand new script targeting old version of MSOffice. Stage 4 is decoded and run by Stage 3.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Cyber Attacks

The Life and Death of Passwords: Improving Security With Passwords and People

Duo's Security Blog

MARCH 28, 2023

Humans are not the weakest link in information security. They’re the least invested in for security. Back in 2007, I believe, the Aurora attack saw Google employees targeted by a nation state. Can you elaborate on how people are seen, how users are seen as the problem, and your perspective or how you feel about that?

Passwords

Passwords Social Engineering Phishing Technology

Identity-based Cryptography

Thales Cloud Protection & Licensing

SEPTEMBER 26, 2019

IBC is mostly suitable to be deployed in an enterprise environment due to its light-weight key management, built-in key recovery and accountability. Horizons explores and prototypes new data security technologies and techniques, particularly in distributed cloud environments. ASIACRYPT 2007. References. Cécile Delerablée.

Encryption

Encryption Government Authentication Technology

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

Security Affairs

OCTOBER 22, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. continues the Der Spiegel.

Hacking

Hacking Cyber Attacks Government Identity Theft

NATO and the EU formally condemned Russia-linked APT28 cyber espionage

Security Affairs

MAY 5, 2024

. “The Federal Government’s national attribution procedure regarding this campaign has concluded that, for a relatively long period, the cyber actor APT28 used a critical vulnerability in Microsoft Outlook that remained unidentified at the time to compromise numerous email accounts.”

Government

Government Accountability Cyber Attacks Telecommunications

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Security Affairs

SEPTEMBER 5, 2024

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Cyber Attacks

Cyber Attacks Hacking Government Accountability

China-linked APT group Winnti targets Japanese organizations since March 2024

Security Affairs

FEBRUARY 18, 2025

” The APT group was first spotted by Kaspersky in 2013, but according to the researchers,the gang has been active since 2007. The threat actors compromised a shared account of the operation and maintenance company to perform lateral movements, breaching the infrastructure provider’s network and impacting multiple organizations.

Malware

Malware Manufacturing Engineering Encryption

Cyber Security Informer

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

173 Million Zynga accounts were impacted in the September hack

Trending Sources

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Russia-linked group APT29 likely breached TeamViewer’s corporate network

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

APT28 targets key networks in Europe with HeadLace malware

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Security Affairs - Untitled Article

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Google warns of APT28 attack attempts against 14,000 Gmail users

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Microsoft: North Korea-linked Zinc APT targets security experts

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Chinese state-sponsored hackers breached TeamViewer in 2016

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

The Delicate Balance of Security Versus Usability

China-linked APT41 group spotted using open-source red teaming tool GC2

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Is APT27 Abusing COVID-19 To Attack People ?!

The Life and Death of Passwords: Improving Security With Passwords and People

Identity-based Cryptography

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

NATO and the EU formally condemned Russia-linked APT28 cyber espionage

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

China-linked APT group Winnti targets Japanese organizations since March 2024

Stay Connected