TechHub

0 posts0 participants0 posts today

OTX BotDeobfuscating APT28's HTA Trojan: A Deep Dive into VBE Techniques & Multi-Layer ObfuscationThis analysis delves into APT28's cyber espionage campaign targeting Central Asia and Kazakhstan diplomatic relations, focusing on their HTA Trojan. The malware employs advanced obfuscation techniques, including VBE (VBScript Encoded) and multi-layer obfuscation. The investigation uses x32dbg debugging to decode the obfuscated code, revealing a custom map algorithm for character deobfuscation. The process involves decoding strings using embedded characters from Windows vbscript.dll. The analysis identifies the use of Microsoft's Windows Script Encoder (screnc.exe) to create VBE files. By employing various deobfuscation techniques, including a Python script, the final malware sample is extracted and analyzed, showcasing APT28's evolving tactics in cyber espionage.Pulse ID: 67efc6e712b49d46c1423ca9 Pulse Link: <a href="https://otx.alienvault.com/pulse/67efc6e712b49d46c1423ca9" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67efc6e712b49d46c1423ca9</a> Pulse Author: AlienVault Created: 2025-04-04 11:47:51Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> <a href="https://social.raytec.co/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Asia</a> <a href="https://social.raytec.co/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CentralAsia</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/Espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Espionage</a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Kazakhstan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kazakhstan</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/VBS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VBS</a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️Kazakhstan to audit foreign ministry after suspected <a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a>-linked cyberattack of <a href="https://mastodon.social/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> Original Documents abused. 🤯 <a href="https://mastodon.social/tags/hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hack</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/insider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#insider</a> <a href="https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia</a>

Pyrzout :vm:Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware – Source:hackread.com <a href="https://ciso2ciso.com/russian-uac-0063-targets-europe-and-central-asia-with-advanced-malware-sourcehackread-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/russian-uac-0063-targets-europe-and-central-asia-with-advanced-malware-sourcehackread-com/</a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#1CyberSecurityNewsPost</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://social.skynetcloud.site/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAttacks</a> <a href="https://social.skynetcloud.site/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CentralAsia</a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hackread</a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://social.skynetcloud.site/tags/UAC0063" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UAC0063</a> <a href="https://social.skynetcloud.site/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a>

Pyrzout :vm:Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware <a href="https://hackread.com/russian-uac-0063-europe-central-asia-advanced-malware/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackread.com/russian-uac-0063-europe-central-asia-advanced-malware/</a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://social.skynetcloud.site/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAttacks</a> <a href="https://social.skynetcloud.site/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CentralAsia</a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/UAC0063" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UAC0063</a> <a href="https://social.skynetcloud.site/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a>

Sekoia.io🇷🇺 <a href="https://infosec.exchange/tags/DoubleTap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DoubleTap</a> Campaign: <a href="https://infosec.exchange/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a>-nexus APT possibly related to <a href="https://infosec.exchange/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations <a href="https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/</a>

CodeFreezR (he/him)Hatte euch das mit <a href="https://chaos.social/tags/datarade" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#datarade</a> und <a href="https://chaos.social/tags/datastream" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#datastream</a> schon beunruhigt? Dann solltet ihr evt. die kleine "Bären-Doku" doch nicht anschauen. Das könnte Teile der Bevölkerung ... <a href="https://y.lab.nrw/bthack" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://y.lab.nrw/bthack</a> [ard mediathek]Aber <a href="https://chaos.social/tags/NIS2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NIS2</a> kommt ja... schon bald...\__ <a href="https://chaos.social/tags/simplicissimus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#simplicissimus</a> <a href="https://chaos.social/tags/bthack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bthack</a> <a href="https://chaos.social/tags/vsc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vsc</a> <a href="https://chaos.social/tags/xtunnel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#xtunnel</a> <a href="https://chaos.social/tags/fancybear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fancybear</a> <a href="https://chaos.social/tags/voodoobear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#voodoobear</a> <a href="https://chaos.social/tags/cyberwar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberwar</a> <a href="https://chaos.social/tags/38c3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#38c3</a> <a href="https://chaos.social/tags/cyberwehr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberwehr</a> <a href="https://chaos.social/tags/nohackback" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nohackback</a> <a href="https://chaos.social/tags/hackback" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackback</a> <a href="https://chaos.social/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt28</a> <a href="https://chaos.social/tags/bsi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bsi</a>

Joaquim HomrighausenInteresting attack vector 🤔 🧐 "Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack" <a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/</a><a href="https://mastodon.online/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.online/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://mastodon.online/tags/cybersec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersec</a> <a href="https://mastodon.online/tags/breach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#breach</a> <a href="https://mastodon.online/tags/wifibreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wifibreach</a> <a href="https://mastodon.online/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt28</a>

gtbarryRussian military hackers have developed a new Wi-Fi hacking technique: Instead of venturing into radio range of their target, they found another vulnerable network in a building across the street, remotely hacked into a laptop in that neighboring building, and used that computer's antenna to break into the Wi-Fi network of their intended victim <a href="https://mastodon.social/tags/russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#russia</a> <a href="https://mastodon.social/tags/russian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#russian</a> <a href="https://mastodon.social/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> <a href="https://mastodon.social/tags/wifi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wifi</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackers</a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a><a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/</a>

Pyrzout :vm:Russia-linked APT TAG-110 uses targets Europe and Asia – Source: securityaffairs.com <a href="https://ciso2ciso.com/russia-linked-apt-tag-110-uses-targets-europe-and-asia-source-securityaffairs-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/russia-linked-apt-tag-110-uses-targets-europe-and-asia-source-securityaffairs-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/informationsecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecuritynews</a> <a href="https://social.skynetcloud.site/tags/ITInformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITInformationSecurity</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairscom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairscom</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/PierluigiPaganini" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PierluigiPaganini</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairs</a> <a href="https://social.skynetcloud.site/tags/BreakingNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BreakingNews</a> <a href="https://social.skynetcloud.site/tags/Cyberwarfare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberwarfare</a> <a href="https://social.skynetcloud.site/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityNews</a> <a href="https://social.skynetcloud.site/tags/hackingnews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackingnews</a> <a href="https://social.skynetcloud.site/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/TAG110" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TAG110</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> <a href="https://social.skynetcloud.site/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a>

Andreas KlopschAmazing article by Volexity researchers on APT28 hackers used a "Nearest Neighbor Attack" to breach a U.S. firm's Wi-Fi via compromised devices in nearby buildings.<a href="https://volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/</a><a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintel</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt28</a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Pyrzout :vm:Espías rusos saltaron de una red a otra a través de Wi-Fi en un hackeo sin precedentes <a href="https://blog.elhacker.net/2024/11/espias-rusos-saltaron-de-una-red-otra-wifi-inseguro.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.elhacker.net/2024/11/espias-rusos-saltaron-de-una-red-otra-wifi-inseguro.html</a> <a href="https://social.skynetcloud.site/tags/ciberespionaje" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ciberespionaje</a> <a href="https://social.skynetcloud.site/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt28</a> <a href="https://social.skynetcloud.site/tags/rusia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rusia</a> <a href="https://social.skynetcloud.site/tags/apt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt</a>

Pyrzout :vm:Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack <a href="https://www.securityweek.com/russian-cyberspies-hacked-building-across-street-from-target-for-wi-fi-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.securityweek.com/russian-cyberspies-hacked-building-across-street-from-target-for-wi-fi-attack/</a> <a href="https://social.skynetcloud.site/tags/NearestNeighborAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NearestNeighborAttack</a> <a href="https://social.skynetcloud.site/tags/Mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mobile</a>&Wireless <a href="https://social.skynetcloud.site/tags/Nation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nation</a>-State <a href="https://social.skynetcloud.site/tags/Featured" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Featured</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> <a href="https://social.skynetcloud.site/tags/Wi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wi</a>-Fi

Miguel Afonso Caetano"For determined hackers, sitting in a car outside a target's building and using radio equipment to breach its Wi-Fi network has long been an effective but risky technique. These risks became all too clear when spies working for Russia's GRU military intelligence agency were caught red-handed on a city street in the Netherlands in 2018 using an antenna hidden in their car's trunk to try to hack into the Wi-Fi of the Organization for the Prohibition of Chemical Weapons.Since that incident, however, that same unit of Russian military hackers appears to have developed a new and far safer Wi-Fi hacking technique: Instead of venturing into radio range of their target, they found another vulnerable network in a building across the street, remotely hacked into a laptop in that neighboring building, and used that computer's antenna to break into the Wi-Fi network of their intended victim—a radio-hacking trick that never even required leaving Russian soil.At the Cyberwarcon security conference in Arlington, Virginia, today, cybersecurity researcher Steven Adair will reveal how his firm, Volexity, discovered that unprecedented Wi-Fi hacking technique—what the firm is calling a “nearest neighbor attack"—while investigating a network breach targeting a customer in Washington, DC, in 2022. Volexity, which declined to name its DC customer, has since tied the breach to the Russian hacker group known as Fancy Bear, APT28, or Unit 26165."<a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/</a><a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://tldr.nettime.org/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://tldr.nettime.org/tags/StateHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#StateHacking</a> <a href="https://tldr.nettime.org/tags/FancyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FancyBear</a> <a href="https://tldr.nettime.org/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> <a href="https://tldr.nettime.org/tags/Wifi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wifi</a>

Pyrzout :vm:Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor <a href="https://gbhackers.com/russian-tag-110-hacked-60-users/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://gbhackers.com/russian-tag-110-hacked-60-users/</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/THREATS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#THREATS</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a>

PrivacyDigest<a href="https://mas.to/tags/Russian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russian</a> <a href="https://mas.to/tags/Spies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spies</a> Jumped From One Network to Another Via Wi-Fi in an Unprecedented <a href="https://mas.to/tags/Hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hack</a> In a first, Russia's <a href="https://mas.to/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> hacking group appears to have remotely breached the Wi-Fi of an <a href="https://mas.to/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#espionage</a> target by hijacking a laptop in another building across the street. <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://mas.to/tags/russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#russia</a><a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/</a>

Pyrzout :vm:Russian Cyberespionage Group Hit 60 Victims in Asia, Europe – Source: www.securityweek.com <a href="https://ciso2ciso.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe-source-www-securityweek-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe-source-www-securityweek-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/securityweekcom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityweekcom</a> <a href="https://social.skynetcloud.site/tags/Cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberespionage</a> <a href="https://social.skynetcloud.site/tags/securityweek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityweek</a> <a href="https://social.skynetcloud.site/tags/NationState" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NationState</a> <a href="https://social.skynetcloud.site/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#espionage</a> <a href="https://social.skynetcloud.site/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Europe</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a>

Pyrzout :vm:Russian Cyberespionage Group Hit 60 Victims in Asia, Europe <a href="https://www.securityweek.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.securityweek.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe/</a> <a href="https://social.skynetcloud.site/tags/cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberespionage</a> <a href="https://social.skynetcloud.site/tags/Nation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nation</a>-State <a href="https://social.skynetcloud.site/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#espionage</a> <a href="https://social.skynetcloud.site/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Europe</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a>

Martin Boller 🇬🇱 🇺🇦 :tux: :freebsd: :windows: :mastodon:"APT28: Following bear tracks back to the cave" presented by Golo Mühr<a href="https://infosec.exchange/tags/hacklu2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacklu2024</a> <a href="https://infosec.exchange/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apt28</a>

Recent searches

Search options

Administered by:

Server stats:

#apt28