apt28 (5)

CISA Report JCSA-20240227-001

Note: This CISA advisory uses the MITRE ATT&CK® for Enterprise framework, version 14.  See the MITRE ATT&CK Tactics and Techniques section for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques. For assistance with mapping malicious cyber activity to the MITRE ATT&CK framework, see CISA and MITRE ATT&CK’s Best Practices for MITRE ATT&CK Mapping and CISA’s Decider Tool.

Overview - This advisory provides observed tactics, techniques,

A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed from the infrastructure, according to a research report released by Cisco Talos this week.

The newly discovered backdoor, which the researchers call "TinyTurla," has been deployed against targets in the U.S. and Germany over the last two years. More recently, however, Turla has used

In August 2020, the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware. The entire report can be viewed here

The agencies say that the Linux malware strain has been developed and deployed in real-world attacks by Russian military hackers. The FBI says, “The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165, whose activity is sometimes identified by the private sector

After the Russians were banned from the Olympics for another four years in a unanimous decision from the World Anti-Doping Agency (WADA), the immediate reaction from Russia was fury and denial. So now everyone is waiting to see how Russia will respond.

In 2016, Red Sky Alliance analysts reported on the Russian retaliation when Russia was banned from the Olympics for steroid use.  2016 saw unprecedented Russian physical, cyber and physiological interference into the US presidential election, but

Summary

RedXray is a cyber threat notification service that simplifies monitoring for organizations and supply chains.

In 2016, the World Anti-Doping Agency (WADA) commissioned an investigation into reports that the Russian government was sponsoring blood doping of Russian Athletes. Cybersecurity analysts worldwide witnessed cyber-attacks originating from the GRU-linked APT28, better known as “Fancy Bear,” aimed at anti-doping agencies such as the WADA. These attacks were carried out against age