nobelium (4)

The Polish government warns that a cyberespionage group linked to Russia's intelligence services targets diplomatic and foreign ministries from NATO and EU member states in an ongoing campaign that uses previously undocumented malware payloads.  The group, known in the security industry as APT29, Cozy Bear, and NOBELIUM, is believed to be part of Russia's Foreign Intelligence Service (SVR) and is the group behind the 2020 supply chain attack against software company SolarWinds that led to the co

Russian cyberespionage group APT29, responsible for the devastating SolarWinds supply chain attacks in 2020, is back in the news.  In a technical report published by Microsoft, the APT29 cyber-spies have acquired an authentication bypass as a new post-exploitation tactic.  Microsoft previously tracked the actors as Nobelium (a), Cozy Bear (b), and the Dukes (c).

Findings Details:  Microsoft wrote in its report that the hackers are targeting corporate networks with a new authentication bypassing tec

Activity Summary - Week Ending 11 June 2021:

  • Red Sky Alliance identified 33,092 connections from new unique IP Addresses
  • Analysts identified 1,485 new IP addresses participating in various Botnets
  • Variations of dnSpy are still being used as a lure
  • Agent Tesla
  • NOBELIUM
  • Phishing Campaigns Targeting NGOs
  • Bing v. Google and Videos
  • Chinese general buys land in TX, why?
  • Cloud service company Fastly, Shut Down
  • SkinnyBoy
  • Quanta Computer – Taiwan
  • Amazon Prime accused of Spying??

Link to full report: IR-

Microsoft has discovered a large-scale spear-phishing campaign being conducted by the Russian advanced persistent threat (APT) group that has led to the breach of 3,000 email accounts across 150 organizations.

A Russian-based group called Nobelium, allegedly behind the SolarWinds attack, is at it again with a sophisticated phishing campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious cyber activities.

This time, Nobeli