#apt28

#cybersecurity
US politics
from The Register
9 months ago

UK uncovers novel Microsoft snooping malware, blames GRU

Russia's APT28 has deployed new malware to harvest Microsoft email credentials and access compromised accounts.
Information security
from Ars Technica
2 weeks ago

Thousands of consumer routers hacked by Russia's military

Russian military hackers are exploiting consumer routers to harvest passwords and credentials for espionage, affecting thousands of devices globally.
Information security
from SecurityWeek
2 weeks ago

US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking

The US disrupted a Russian espionage operation using hacked SOHO routers to capture sensitive data from victims.
Information security
from The Hacker News
2 weeks ago

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

APT28 has launched a campaign exploiting MikroTik and TP-Link routers for cyber espionage, compromising DNS settings to capture credentials since May 2025.
Information security
from The Hacker News
1 month ago

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

APT28, a Russian state-sponsored hacking group, has deployed BEARDSHELL and COVENANT malware since April 2024 to conduct long-term surveillance of Ukrainian military personnel.
Information security
from The Hacker News
1 month ago

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

Russian state-sponsored APT28 deployed two new malware families, BadPaw and MeowMeow, targeting Ukrainian entities through phishing emails with Ukrainian-language lures about border crossing appeals.
Information security
from The Hacker News
1 month ago

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

Microsoft patched CVE-2026-21513, a high-severity MSHTML Framework vulnerability exploited as a zero-day by Russia-linked APT28, allowing attackers to bypass security features and achieve code execution through malicious files.
#cve-2026-21509
Information security
from The Hacker News
3 months ago

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

APT28 (BlueDelta) conducted targeted credential-harvesting phishing campaigns against Turkish energy/nuclear contacts, European think tank staff, and organizations in North Macedonia and Uzbekistan.
#phishing
France news
from Techzine Global
4 months ago

French Ministry of the Interior hacked, unclear if any data was stolen

The French Interior Ministry suffered a cyberattack compromising email servers and some document files; authorities launched an investigation and tightened security while origins are examined.
from Security Magazine
7 months ago

Russian Threat Group Targets Microsoft Outlook With Malware

"APT28 is abusing Outlook as a covert channel through a VBA macro backdoor named NotDoor," Jason Soroko, Senior Fellow at Sectigo, explains. "Delivery uses DLL sideloading of a malicious SSPICLI.dll by the signed OneDrive.exe to disable macro protections and stage commands. The macro watches inbound mail for a trigger word and can exfiltrate data, upload files and run commands. This blends with trusted binaries and normal mail flow and can slip past perimeter tools and basic detections."
Information security
from The Hacker News
7 months ago

Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries

APT28 deployed an Outlook VBA backdoor called NotDoor that monitors emails for a trigger to exfiltrate data, upload files, execute commands, and persist via DLL side-loading.
France news
from euronews
11 months ago

France accuses Russia of spate of high-profile cyberattacks

France has accused Russia's GRU of cyberattacks targeting government agencies, companies, and the Paris Olympics.