#bearboy🐻🐾 #fatbelly #bearmex #cubbears #bearboy #cubbears #bearathome #fancybear #nakedbears #fatboy #shirtlessbear https://www.instagram.com/p/Bvp7t-DA1oAbzUTUTNOnKoaUwGj-rTan3PvP0I0/?utm_source=ig_tumblr_share&igshid=pp2k9xjo0hsc

#bearboy🐻🐾 #fatbelly #bearmex #cubbears #bearboy #cubbears #bearathome #fancybear #nakedbears #fatboy #shirtlessbear https://www.instagram.com/p/Bvp7p99Aq-fQH5E6rYEWgpm4nZKSt_Wc2nbydw0/?utm_source=ig_tumblr_share&igshid=1ouz3swbox80m

Czechia and Germany have exposed a long-running cyber espionage campaign conducted by the notorious Russia-linked APT28 hacking group, drawing harsh criticism from international organizations like the European Union (EU), the North Atlantic Treaty Organization (NATO), the United Kingdom, and the United States. The Czech Republic's Ministry of Foreign Affairs revealed that certain entities within the country were targeted using a critical Microsoft Outlook vulnerability (CVE-2023-23397), allowing Russian state-sponsored hackers to escalate privileges and potentially gain unauthorized access. Germany Accuses APT28 of Targeting Social Democratic Party Similarly, Germany's Federal Government attributed the APT28 threat actor, also known as Fancy Bear, Pawn Storm, and Sofacy, to a cyber attack aimed at the Executive Committee of the Social Democratic Party, exploiting the same Outlook flaw over a "relatively long period" to compromise numerous email accounts. The targeted industries spanned logistics, armaments, air and space, IT services, foundations, and associations located in Germany, Ukraine, and other European regions. Germany also implicated APT28 in the 2015 cyber attack on the German federal parliament (Bundestag). Widespread Condemnation of Russia's Malicious Cyber Activities NATO stated that Russia's hybrid actions "constitute a threat to Allied security," while the Council of the European Union condemned Russia's "continuous pattern of irresponsible behavior in cyberspace." The UK government described the recent APT28 activity, including targeting the German Social Democratic Party, as "the latest in a known pattern of behavior by the Russian Intelligence Services to undermine democratic processes across the globe." The US Department of State acknowledged APT28's history of engaging in "malicious, nefarious, destabilizing and disruptive behavior," and reiterated its commitment to upholding a "rules-based international order, including in cyberspace." Disruption of APT28's Criminal Proxy Botnet Earlier in February, a coordinated law enforcement action disrupted a botnet comprising hundreds of SOHO routers in the US and Germany believed to have been used by APT28 to conceal their malicious activities, such as exploiting CVE-2023-23397 against targets of interest. Cybersecurity researchers warn that Russian state-sponsored cyber threats, including data theft, destructive attacks, DDoS campaigns, and influence operations, pose severe risks to upcoming elections in regions like the US, UK, and EU, with multiple hacking groups like APT28, APT44 (Sandworm), COLDRIVER, and KillNet expected to be active. Securing Critical Infrastructure from Pro-Russia Hacktivist Attacks Government agencies from Canada, the UK, and the US have released a joint fact sheet to help critical infrastructure organizations secure against pro-Russia hacktivist attacks targeting industrial control systems (ICS) and operational technology (OT) systems since 2022, often exploiting publicly exposed internet connections and default passwords. The recommendations include hardening human-machine interfaces, limiting internet exposure of OT systems, using strong and unique passwords, and implementing multi-factor authentication for all access to the OT network. Read the full article

View On WordPress

Once Again, APT28 Gets Linked to U.S. Election Interference Efforts | Cyware Alerts - Hacker News https://cyware.com/news/once-again-apt28-gets-linked-to-us-election-interference-efforts-8e6d143b @jeskalana @ilana.olsen #hacking #espionage #cyberwarfare #ww3 #fancybear #russians #germany #us https://www.instagram.com/p/CFVJnOmBz7q/?igshid=haz58892j6xl

Microsoft has once again turned to US courts to seize six internet domains it says the notorious Fancy Bear hackers had set up for spearphishing US politicians and think-tanks ahead of the midterm elections in November. Along with the domain seizures, Microsoft has launched a new security service dubbed Microsoft AccountGuard, which will be available at no charge to all current US federal, state and local candidates, so long as they're using Office 365. The service includes threat detection and notifications for eligible Office 365, Outlook.com, and Hotmail accounts. Microsoft will directly notify these organizations if it detects new threats targeting users' corporate email addresses and personal accounts, while offering early access to security features usually reserved for large business and government customers. The domains seized were designed to mimic websites of the International Republican Institute, whose board includes six Republican senators, conservative think-tank the Hudson Institute, the ADFS (Active Directory Federation Services) email service of the US Senate, and Microsoft's Office 365 and OneDrive services. Microsoft said the sites were created by Fancy Bear hackers, widely believe to be linked to the Russian military. US intelligence accused Fancy Bear of hacking the Democratic National Committee's computers in 2016 and leaking sensitive emails via WikiLeaks to sway the presidential election in favor of Donald Trump and harming his opponent, Hillary Clinton. That hack occurred after a spearphishing attack against officials from Clinton's campaign team. "Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit. The sites involved in last week's order fit this description," said Microsoft president and chief legal officer Brad Smith. He said Microsoft was concerned the attempts posed security threats to a broadening array of groups connected with both US political parties in the lead-up to the midterm elections. However, he noted that Microsoft has no evidence the domains have been used in any successful attack and does not have evidence who the ultimate targets were. "Despite last week's steps, we are concerned by the continued activity targeting these and other sites and directed toward elected officials, politicians, political groups, and think-tanks across the political spectrum in the United States," he noted. "Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France." The domain seizure was led by Microsoft's Digital Crimes Unit, which has used similar court orders 12 times in two years to shut down 84 bogus websites linked to the Fancy Bear, which Microsoft calls Strontium, and is also known as APT28. Microsoft's action follows the indictment by the Justice Department in July of 12 officials from the GRU, Russia's main intelligence directorate, over the DNC hack. via Microsoft: We've just messed up Russian plans to attack US 2018 midterm elections | ZDNet Read the full article