APT29 Archives

russian, Russia Microsoft phishing AWS Ukraine

Russian-Linked ATP29 Makes Another Run at Microsoft Credentials

Jeffrey Burt | August 31, 2025 | APT29, Cozy Bear, Microsoft, Midnight Blizzard, Phishing Attacks, russia hacker, watering hole attack

Amazon researchers disrupted a watering hole campaign by Russian-linked cyberespionage group APT29 designed to use compromised websites to trick users into giving the threat actors access to their Microsoft accounts and data ...

Security Boulevard

NSFOCUS APT Monthly Briefing – April 2025

NSFOCUS | June 16, 2025 | APT, APT group, APT29, Blog, Lazarus, SideCopy, Threat analysis

Regional APT Threat Situation Overview In April 2025, the global threat hunting system of Fuying Lab discovered a total of 20 APT attack activities. These activities are mainly distributed in East Asia, ...

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

AWS Seizes Domains Used by Russian Threat Group APT29

Jeffrey Burt | October 25, 2024 | Amazon Web Services (AWS), APT29, phishing attack, russia hacker, Ukraine cybersecurity

Cloud computing giant AWS, tipped off by Ukrainian security experts, seized domains that were being used by Russian threat group APT29 to send phishing emails to government officials and enterprises that contained ...

Security Boulevard

Vladimir Vladimirovich Putin (or possibly a very good lookalike)

‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk

SolarWinds hackers strike again: Remote access service hacked—by APT29, says TeamViewer ...

Security Boulevard

Who Are APT29?

Kevin Smith | April 23, 2024 | APT29, Hacking, Malware, Threats and Trends

Russian hacker group APT29 is one of the most technically skilled and organized threat actors ...

Blog – Coro Cybersecurity

Response to CISA Advisory (AA24-057A): SVR Cyber Actors Adapt Tactics for Initial Cloud Access

Francis Guibernau | February 27, 2024 | adversary emulation, APT29, CISA Alert, government, Russia, SVR

AttackIQ recommends that customers take the following testing actions in alignment to the recently published CISA Advisory (AA24-057A) which details recent Tactics, Techniques, and Procedures (TTPs) exhibited by the Russian Foreign Intelligence ...

AttackIQ

DNC Breach Threat Actors Involved In HP Enterprise Hack

Wajahat Raja | February 9, 2024 | advanced threat detection, APT29, cyber incident response, Cybersecurity Best Practices, Cybersecurity News, cybersecurity threats, DNC Breach, HPE Hack, Multi-Factor Authentication, Office 365 Security, Russian State-sponsored Hackers

In the realm of cybersecurity, recent events have once again brought attention to the persistent and evolving cyber-attack on organizations worldwide. One such incident involves information technology giant Hewlett Packard Enterprise (HPE) ...

TuxCare

APT29 Espionage Attacks: Microsoft Issues Urgent Warning

Wajahat Raja | February 7, 2024 | Advanced Persistent Threats (APT), APT29, Cyber Espionage, Cyber threat landscape, cybersecurity awareness, Cybersecurity News, Microsoft security, Multi-Factor Authentication (MFA), OAuth Applications, Password Spray Attack, Threat Intelligence

In a recent announcement, Microsoft issued a warning regarding the increasing activities of APT29, a Russian state-sponsored cyber threat group. This group, notorious for its involvement in espionage attacks on Microsoft‘s systems ...

TuxCare

Timeline of Microsoft Breach by Russian Hackers

Behind The Breach: Microsoft Breach by Russian Hackers

Farah Iyer | February 2, 2024 | APT29, Data breach, Data breaches, FEATURED, identity threat detection and response, ITDR, Microsoft breach, Midnight Blizzard, NOBELIUM, SaaS Security, SaaS security posture, saas security solutions, Security Guidance, solarwinds-hack, SSPM

On 12 January 2024, Microsoft disclosed a critical breach carried out by Russian state-sponsored group, Midnight Blizzard. The threat actor used a password-spraying attack to gain unauthorized access to Microsoft Corporation’s Office ...

Obsidian Security

Microsoft CEO Satya Nadella, with superimposed text: “Russia hacked me”

Russia Hacked Microsoft Execs — SolarWinds Hackers at it Again

AKA APT29: Midnight Blizzard / Cozy Bear makes it look easy (and makes Microsoft look insecure) ...

Security Boulevard

APT29

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On