#apt28

from Securitymagazine
1 week ago

Russian Threat Group Targets Microsoft Outlook With Malware

"APT28 is abusing Outlook as a covert channel through a VBA macro backdoor named NotDoor," Jason Soroko, Senior Fellow at Sectigo, explains. "Delivery uses DLL sideloading of a malicious SSPICLI.dll by the signed OneDrive.exe to disable macro protections and stage commands. The macro watches inbound mail for a trigger word and can exfiltrate data, upload files and run commands. This blends with trusted binaries and normal mail flow and can slip past perimeter tools and basic detections."
Information security
from The Hacker News
1 week ago

Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries

APT28 deployed an Outlook VBA backdoor called NotDoor that monitors emails for a trigger to exfiltrate data, upload files, execute commands, and persist via DLL side-loading.
#cybersecurity
UK news
from Databreaches
3 months ago

Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms

Russian hacking group APT28 was blamed for a widespread digital campaign posing serious risks across various sectors globally.
Web development
from The Hacker News
4 months ago

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

APT28, a Russian-linked cyber threat actor, is conducting espionage against webmail servers, exploiting XSS vulnerabilities to steal confidential data.
Russo-Ukrainian War
from Theregister
3 months ago

Russia's Fancy Bear sticks its paws in transportation emails

Russian cyberspies have targeted Western logistics providers and government organizations involved in aid to Ukraine since 2022.
from The Hacker News
1 month ago

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

LAMEHUG is malware that uses large language models to generate executable commands from text descriptions, targeting executive government authorities through phishing emails.
Privacy professionals
France news
from euronews
4 months ago

France accuses Russia of spate of high-profile cyberattacks

France has accused Russia's GRU of cyberattacks targeting government agencies, companies, and the Paris Olympics.