Response to CISA Advisory (AA24-057A): SVR Cyber Actors Adapt Tactics for Initial Cloud Access

AttackIQ recommends that customers take the following testing actions in alignment with the recently published CISA Advisory (AA24-057A), which details recent Tactics, Techniques, and Procedures (TTPs) exhibited by the Russian Foreign Intelligence ...

DNC Breach Threat Actors Involved In HP Enterprise Hack

In the realm of cybersecurity, recent events have once again brought attention to the persistent and evolving cyber-attacks on organizations worldwide. One such incident involves information technology giant Hewlett Packard Enterprise (HPE) ...

APT29 Espionage Attacks: Microsoft Issues Urgent Warning

In a recent announcement, Microsoft issued a warning regarding the increasing activities of APT29, a Russian state-sponsored cyber threat group. This group, notorious for its involvement in espionage attacks on Microsoft’s systems ...

Behind The Breach: Microsoft Breach by Russian Hackers

On 12 January 2024, Microsoft disclosed a critical breach carried out by the Russian state-sponsored group Midnight Blizzard. The threat actor used a password-spraying attack to gain unauthorized access to Microsoft Corporation’s Office ...

APT29 Leverages Google Drive, Dropbox to Evade Detection

Call them Cozy Bear or APT29 or Nobelium or, as Palo Alto Networks’ Unit 42 does, Cloaked Ursa—no matter what name they go by, Russia’s Intelligence Service is still at it, this ...
Security Boulevard

New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

Microsoft has issued another of its “look how clever we are” writeups of detecting APT29 hackers. But the U.S. government sees it differently ...

U.S. Takes Aim at Russia’s Cyber Ops Ecosystem

The Biden administration is taking the Russian cyber operations ecosystem to task with sanctions pointed at both established Russian companies as well as Russian-controlled entities created by the FSB, GRU and SVR ...

U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks

To the surprise of precisely nobody, the NSA, FBI and CISA agreed that last year’s SolarWinds supply-chain attack was orchestrated by the Russian state ...

Biden ‘Will Cyberattack Putin’ (Because SolarWinds)

President Joe Biden has authorized “devastating” retaliation against the Russian government for the recent hacking attributed to Russia ...