APT28

Russian hacking group targets home and small office routers to spy on users

| | APT28, dns, SBN News, SOHO routers, TP-LINK
The FBI, NCSC, and Microsoft warn of an ongoing Russian campaign hijacking DNS settings on home and small office routers to spy on users ...
Malwarebytes

Response to CISA Advisory (AA25-141A): Russian GRU Targeting Western Logistics Entities and Technology Companies

| | adversary emulation, APT28, cisa, CISA Advisory, credential harvesting, Fancy Bear, government, GRU, Russia, spear-phishing, technology, transportation
AttackIQ has released a new assessment template in response to the CISA Advisory (AA25-141A) published on May 21, 2025. The CSA highlights a cyber espionage-oriented campaign carried out by cyber actors affiliated ...
AttackIQ

APT28 HeadLace Malware Targeting European Networks Unveiled

| | Advanced Persistent Threats (APT), APT28, BlueDelta, credential harvesting, cyber defense, Cyber Espionage, cyber warfare, Cybersecurity News, cybersecurity threats, European Networks, Fancy Bear, Geofencing Malware, HeadLace Malware, Iron Twilight, LOLbins, Nation State Cyberattacks, Network Security, Russian GRU, spear-phishing, state-sponsored-hacking, Ukraine Cyber Attacks
In recent months, a series of cyber onslaughts have shaken networks across Europe, with the insidious HeadLace malware at the heart of the storm. This malevolent software, attributed to the Russian GRU-backed ...
TuxCare
German Foreign Minister Annalena Baerbock, standing in front of some German flags (“Bundesflagge”)

Germany Warns Russia: Hacking Will Have Consequences

| | Annalena Baerbock, APT28, Fancy Bear, Germany, GRU, Microsoft Outlook, Microsoft Outlook bug, Military Unit 26165, NATO, outlook, outlook hack, Russia, Russia-Ukraine, russia-ukraine conflict, SB Blogwatch, Strontium, Ukraine, Ukraine-Russia War, Ukraine/European Security
War of the words: Fancy Bear actions are “intolerable and unacceptable,” complains German foreign minister Annalena Baerbock ...
Security Boulevard
The Ubiquiti “U” logo, with superimposed text: “SELESS”

FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure

| | APT28, Botnet disruption, Botnet Takedown, botnets, CVE-2023-23397, EdgeRouter, Fancy Bear, FBI warning, GRU, IC3, IC3.gov, Military Unit 26165, nsa, NSA/CISA, NTLM, NTLM Authentication, NTLM hash, NTLM leak, ntlm relay, Russia, russia hacker, russia-based, russian, Russian Cyber Interests, Russian Cyber War, SB Blogwatch, Ubiquiti, Ubiquiti breach, Ubiquiti Inc., Ubiquiti Networks, US FBI
GRU APT28 is back again: Fancy Bear still hacking ubiquitous gear, despite patch availability ...
Security Boulevard
russian, Russia Microsoft phishing AWS Ukraine

Feds Disrupt Botnet Used by Russian APT28 Hackers

| | APT28, Botnet disruption, china espionage, DOJ (Department of Justice), FBI, russia hacker
Federal law enforcement kicked Russian state hackers off a botnet comprising at least hundreds of home office and small office routers that had been pulled together by a cybercriminal group and co-opted ...
Security Boulevard
‘But His Emails!’ — Ukrainian Hackers Hack Hillary Hacker

‘But His Emails!’ — Ukrainian Hackers Hack Hillary Hacker

| | APT28, DCLeaks, Democratic National Committee, democrats, DNC, DNC hack, Fancy Bear, FBI, GRU, hillary clinton, Russia, SB Blogwatch, Sergey Aleksandrovich Morgachev, Strontium, Ukraine
Beware Fancy Bears Bearing Gifts: Confirms DCLeaks caper was by APT28. Also that APT28 is Russian military unit ...
Security Boulevard
Did U.S. Charge Klyushin to Reveal 2016 DNC Hack Info?

Did U.S. Charge Klyushin to Reveal 2016 DNC Hack Info?

| | APT28, Democratic National Committee, DNC hack, Fancy Bear, GRU, SB Blogwatch, Vladislav Klyushin
Vladislav Klyushin is thought to be helping feds learn more about the 2016 DNC breach. But something doesn’t add up ...
Security Boulevard
Russia

Russia, China, Iran Meddle in 2020 Election (Unsurprisingly)

| | APT28, APT31, APT35, Charming Kitten, china, Election Manipulation, Fancy Bear, Iran, Phishing, Russia, SB Blogwatch
It comes as no surprise to hear that Russia is up to its old tricks. China and Iran are also in on the game ...
Security Boulevard
GRU

Drovorub: Russia Pushing Invisible Malware, say NSA and FBI

| | APT28, Drovorub, Fancy Bear, Russia, SB Blogwatch
Fancy Bear is at it again. This time, it’s said to be infecting Linux machines with Drovorub—rootkit malware that’s very hard to detect ...
Security Boulevard
Load more