techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

5.3K
active users

#apt28

0 posts0 participants0 posts today
OTX Bot<p>Deobfuscating APT28's HTA Trojan: A Deep Dive into VBE Techniques &amp; Multi-Layer Obfuscation</p><p>This analysis delves into APT28's cyber espionage campaign targeting Central Asia and Kazakhstan diplomatic relations, focusing on their HTA Trojan. The malware employs advanced obfuscation techniques, including VBE (VBScript Encoded) and multi-layer obfuscation. The investigation uses x32dbg debugging to decode the obfuscated code, revealing a custom map algorithm for character deobfuscation. The process involves decoding strings using embedded characters from Windows vbscript.dll. The analysis identifies the use of Microsoft's Windows Script Encoder (screnc.exe) to create VBE files. By employing various deobfuscation techniques, including a Python script, the final malware sample is extracted and analyzed, showcasing APT28's evolving tactics in cyber espionage.</p><p>Pulse ID: 67efc6e712b49d46c1423ca9<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67efc6e712b49d46c1423ca9" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67efc</span><span class="invisible">6e712b49d46c1423ca9</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-04-04 11:47:51</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <a href="https://social.raytec.co/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asia</span></a> <a href="https://social.raytec.co/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CentralAsia</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/Espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Espionage</span></a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Kazakhstan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kazakhstan</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trojan</span></a> <a href="https://social.raytec.co/tags/VBS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VBS</span></a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️<p>Kazakhstan to audit foreign ministry after suspected <a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a>-linked cyberattack of <a href="https://mastodon.social/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <br>Original Documents abused. 🤯<br><a href="https://mastodon.social/tags/hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hack</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/insider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>insider</span></a><br> <a href="https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/kazakhstan-for</span><span class="invisible">eign-ministry-cyberattack-russia</span></a></p>
Pyrzout :vm:<p>Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware – Source:hackread.com <a href="https://ciso2ciso.com/russian-uac-0063-targets-europe-and-central-asia-with-advanced-malware-sourcehackread-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/russian-uac-0063</span><span class="invisible">-targets-europe-and-central-asia-with-advanced-malware-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttacks</span></a> <a href="https://social.skynetcloud.site/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CentralAsia</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/UAC0063" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC0063</span></a> <a href="https://social.skynetcloud.site/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>europe</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a></p>
Pyrzout :vm:<p>Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware <a href="https://hackread.com/russian-uac-0063-europe-central-asia-advanced-malware/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/russian-uac-0063-</span><span class="invisible">europe-central-asia-advanced-malware/</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttacks</span></a> <a href="https://social.skynetcloud.site/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CentralAsia</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/UAC0063" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UAC0063</span></a> <a href="https://social.skynetcloud.site/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>europe</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a></p>
Sekoia.io<p>🇷🇺 <a href="https://infosec.exchange/tags/DoubleTap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoubleTap</span></a> Campaign: <a href="https://infosec.exchange/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a>-nexus APT possibly related to <a href="https://infosec.exchange/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations </p><p><a href="https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.sekoia.io/double-tap-camp</span><span class="invisible">aign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/</span></a></p>
CodeFreezR (he/him)<p>Hatte euch das mit <a href="https://chaos.social/tags/datarade" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>datarade</span></a> und <a href="https://chaos.social/tags/datastream" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>datastream</span></a> schon beunruhigt? Dann solltet ihr evt. die kleine "Bären-Doku" doch nicht anschauen. Das könnte Teile der Bevölkerung ... </p><p><a href="https://y.lab.nrw/bthack" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">y.lab.nrw/bthack</span><span class="invisible"></span></a> [ard mediathek]</p><p>Aber <a href="https://chaos.social/tags/NIS2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NIS2</span></a> kommt ja... schon bald...</p><p>\__<br><a href="https://chaos.social/tags/simplicissimus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>simplicissimus</span></a> <a href="https://chaos.social/tags/bthack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bthack</span></a> <a href="https://chaos.social/tags/vsc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vsc</span></a> <a href="https://chaos.social/tags/xtunnel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>xtunnel</span></a> <a href="https://chaos.social/tags/fancybear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fancybear</span></a> <a href="https://chaos.social/tags/voodoobear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>voodoobear</span></a> <a href="https://chaos.social/tags/cyberwar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberwar</span></a> <a href="https://chaos.social/tags/38c3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>38c3</span></a> <a href="https://chaos.social/tags/cyberwehr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberwehr</span></a> <a href="https://chaos.social/tags/nohackback" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nohackback</span></a> <a href="https://chaos.social/tags/hackback" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackback</span></a> <a href="https://chaos.social/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt28</span></a> <a href="https://chaos.social/tags/bsi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bsi</span></a></p>
Joaquim Homrighausen<p>Interesting attack vector 🤔&nbsp;🧐 </p><p>"Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack" </p><p><a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/russia-gru-apt</span><span class="invisible">28-wifi-daisy-chain-breach/</span></a></p><p><a href="https://mastodon.online/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.online/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.online/tags/cybersec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersec</span></a> <a href="https://mastodon.online/tags/breach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>breach</span></a> <a href="https://mastodon.online/tags/wifibreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wifibreach</span></a> <a href="https://mastodon.online/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt28</span></a></p>
gtbarry<p>Russian military hackers have developed a new Wi-Fi hacking technique: Instead of venturing into radio range of their target, they found another vulnerable network in a building across the street, remotely hacked into a laptop in that neighboring building, and used that computer's antenna to break into the Wi-Fi network of their intended victim </p><p><a href="https://mastodon.social/tags/russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>russia</span></a> <a href="https://mastodon.social/tags/russian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>russian</span></a> <a href="https://mastodon.social/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <a href="https://mastodon.social/tags/wifi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wifi</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackers</span></a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a></p><p><a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/russia-gru-apt</span><span class="invisible">28-wifi-daisy-chain-breach/</span></a></p>
Pyrzout :vm:<p>Russia-linked APT TAG-110 uses targets Europe and Asia – Source: securityaffairs.com <a href="https://ciso2ciso.com/russia-linked-apt-tag-110-uses-targets-europe-and-asia-source-securityaffairs-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/russia-linked-ap</span><span class="invisible">t-tag-110-uses-targets-europe-and-asia-source-securityaffairs-com/</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/informationsecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>informationsecuritynews</span></a> <a href="https://social.skynetcloud.site/tags/ITInformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITInformationSecurity</span></a> <a href="https://social.skynetcloud.site/tags/SecurityAffairscom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityAffairscom</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/PierluigiPaganini" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PierluigiPaganini</span></a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityAffairs</span></a> <a href="https://social.skynetcloud.site/tags/BreakingNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BreakingNews</span></a> <a href="https://social.skynetcloud.site/tags/Cyberwarfare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberwarfare</span></a> <a href="https://social.skynetcloud.site/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/hackingnews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackingnews</span></a> <a href="https://social.skynetcloud.site/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/TAG110" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TAG110</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <a href="https://social.skynetcloud.site/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT</span></a></p>
Andreas Klopsch<p>Amazing article by Volexity researchers on APT28 hackers used a "Nearest Neighbor Attack" to breach a U.S. firm's Wi-Fi via compromised devices in nearby buildings.</p><p><a href="https://volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">volexity.com/blog/2024/11/22/t</span><span class="invisible">he-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/</span></a></p><p><a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt28</span></a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>reverseengineering</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Pyrzout :vm:<p>Espías rusos saltaron de una red a otra a través de Wi-Fi en un hackeo sin precedentes <a href="https://blog.elhacker.net/2024/11/espias-rusos-saltaron-de-una-red-otra-wifi-inseguro.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.elhacker.net/2024/11/espi</span><span class="invisible">as-rusos-saltaron-de-una-red-otra-wifi-inseguro.html</span></a> <a href="https://social.skynetcloud.site/tags/ciberespionaje" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ciberespionaje</span></a> <a href="https://social.skynetcloud.site/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt28</span></a> <a href="https://social.skynetcloud.site/tags/rusia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rusia</span></a> <a href="https://social.skynetcloud.site/tags/apt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt</span></a></p>
Pyrzout :vm:<p>Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack <a href="https://www.securityweek.com/russian-cyberspies-hacked-building-across-street-from-target-for-wi-fi-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/russian-cyber</span><span class="invisible">spies-hacked-building-across-street-from-target-for-wi-fi-attack/</span></a> <a href="https://social.skynetcloud.site/tags/NearestNeighborAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NearestNeighborAttack</span></a> <a href="https://social.skynetcloud.site/tags/Mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mobile</span></a>&amp;Wireless <a href="https://social.skynetcloud.site/tags/Nation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nation</span></a>-State <a href="https://social.skynetcloud.site/tags/Featured" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Featured</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <a href="https://social.skynetcloud.site/tags/Wi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wi</span></a>-Fi</p>
Pyrzout :vm:<p>Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack <a href="https://www.securityweek.com/russian-cyberspies-hacked-building-across-street-from-target-for-wi-fi-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/russian-cyber</span><span class="invisible">spies-hacked-building-across-street-from-target-for-wi-fi-attack/</span></a> <a href="https://social.skynetcloud.site/tags/NearestNeighborAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NearestNeighborAttack</span></a> <a href="https://social.skynetcloud.site/tags/Mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mobile</span></a>&amp;Wireless <a href="https://social.skynetcloud.site/tags/Nation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nation</span></a>-State <a href="https://social.skynetcloud.site/tags/Featured" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Featured</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <a href="https://social.skynetcloud.site/tags/Wi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wi</span></a>-Fi</p>
Miguel Afonso Caetano<p>"For determined hackers, sitting in a car outside a target's building and using radio equipment to breach its Wi-Fi network has long been an effective but risky technique. These risks became all too clear when spies working for Russia's GRU military intelligence agency were caught red-handed on a city street in the Netherlands in 2018 using an antenna hidden in their car's trunk to try to hack into the Wi-Fi of the Organization for the Prohibition of Chemical Weapons.</p><p>Since that incident, however, that same unit of Russian military hackers appears to have developed a new and far safer Wi-Fi hacking technique: Instead of venturing into radio range of their target, they found another vulnerable network in a building across the street, remotely hacked into a laptop in that neighboring building, and used that computer's antenna to break into the Wi-Fi network of their intended victim—a radio-hacking trick that never even required leaving Russian soil.</p><p>At the Cyberwarcon security conference in Arlington, Virginia, today, cybersecurity researcher Steven Adair will reveal how his firm, Volexity, discovered that unprecedented Wi-Fi hacking technique—what the firm is calling a “nearest neighbor attack"—while investigating a network breach targeting a customer in Washington, DC, in 2022. Volexity, which declined to name its DC customer, has since tied the breach to the Russian hacker group known as Fancy Bear, APT28, or Unit 26165."</p><p><a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/russia-gru-apt</span><span class="invisible">28-wifi-daisy-chain-breach/</span></a></p><p><a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://tldr.nettime.org/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://tldr.nettime.org/tags/StateHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StateHacking</span></a> <a href="https://tldr.nettime.org/tags/FancyBear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FancyBear</span></a> <a href="https://tldr.nettime.org/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> <a href="https://tldr.nettime.org/tags/Wifi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wifi</span></a></p>
Pyrzout :vm:<p>Russian TAG-110 Hacked 60+ Users With HTML Loaded &amp; Python Backdoor <a href="https://gbhackers.com/russian-tag-110-hacked-60-users/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gbhackers.com/russian-tag-110-</span><span class="invisible">hacked-60-users/</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/THREATS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>THREATS</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a></p>
PrivacyDigest<p><a href="https://mas.to/tags/Russian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russian</span></a> <a href="https://mas.to/tags/Spies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Spies</span></a> Jumped From One Network to Another Via Wi-Fi in an Unprecedented <a href="https://mas.to/tags/Hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hack</span></a> </p><p>In a first, Russia's <a href="https://mas.to/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a> hacking group appears to have remotely breached the Wi-Fi of an <a href="https://mas.to/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>espionage</span></a> target by hijacking a laptop in another building across the street.<br><a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://mas.to/tags/russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>russia</span></a></p><p><a href="https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wired.com/story/russia-gru-apt</span><span class="invisible">28-wifi-daisy-chain-breach/</span></a></p>
Pyrzout :vm:<p>Russian Cyberespionage Group Hit 60 Victims in Asia, Europe – Source: www.securityweek.com <a href="https://ciso2ciso.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe-source-www-securityweek-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/russian-cyberesp</span><span class="invisible">ionage-group-hit-60-victims-in-asia-europe-source-www-securityweek-com/</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/securityweekcom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityweekcom</span></a> <a href="https://social.skynetcloud.site/tags/Cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberespionage</span></a> <a href="https://social.skynetcloud.site/tags/securityweek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityweek</span></a> <a href="https://social.skynetcloud.site/tags/NationState" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NationState</span></a> <a href="https://social.skynetcloud.site/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>espionage</span></a> <a href="https://social.skynetcloud.site/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Europe</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a></p>
Pyrzout :vm:<p>Russian Cyberespionage Group Hit 60 Victims in Asia, Europe <a href="https://www.securityweek.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/russian-cyber</span><span class="invisible">espionage-group-hit-60-victims-in-asia-europe/</span></a> <a href="https://social.skynetcloud.site/tags/cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberespionage</span></a> <a href="https://social.skynetcloud.site/tags/Nation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nation</span></a>-State <a href="https://social.skynetcloud.site/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>espionage</span></a> <a href="https://social.skynetcloud.site/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Europe</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a></p>
Pyrzout :vm:<p>Russian Cyberespionage Group Hit 60 Victims in Asia, Europe <a href="https://www.securityweek.com/russian-cyberespionage-group-hit-60-victims-in-asia-europe/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/russian-cyber</span><span class="invisible">espionage-group-hit-60-victims-in-asia-europe/</span></a> <a href="https://social.skynetcloud.site/tags/cyberespionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberespionage</span></a> <a href="https://social.skynetcloud.site/tags/Nation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nation</span></a>-State <a href="https://social.skynetcloud.site/tags/espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>espionage</span></a> <a href="https://social.skynetcloud.site/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Europe</span></a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> <a href="https://social.skynetcloud.site/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT28</span></a></p>
Martin Boller 🇬🇱 🇺🇦 :tux: :freebsd: :windows: :mastodon:<p>"APT28: Following bear tracks back to the cave" presented by Golo Mühr</p><p><a href="https://infosec.exchange/tags/hacklu2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacklu2024</span></a> <a href="https://infosec.exchange/tags/apt28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt28</span></a></p>