Category Archives: APT29

Russian hacking unit Cozy Bear adds Google Drive to its arsenal, researchers say

The state-backed Russian hacking team behind some of the biggest digital intrusions in recent years has been using both Google Drive and Dropbox to deliver malware against a range of targets, researchers said Tuesday. Researchers with Palo Alto Networks’ Unit 42 threat intelligence team said Tuesday that the Russian Foreign Intelligence Service (SVR) hacking unit […]

SolarWinds hackers set up phony media outlets to trick targets

The Russian hacking group behind the SolarWinds hack, Nobelium, is setting up new infrastructure to launch attacks using old tricks, researchers at Recorded Future found. The findings, published Tuesday and shared first with CyberScoop, demonstrate how the group has evolved in recent months in an effort to avoid researcher detection. Researchers identified more than four […]

Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings

President Joe Biden urging Vladimir Putin to crack down on cyberattacks coming from within Russian borders doesn’t seem to have convinced the Kremlin to give it up just yet. RiskIQ said in a report Friday that it uncovered active hacking infrastructure that Western governments attributed last summer to the Russian SVR intelligence agency-linked APT29 or […]

Ex-US ambassador, anti-corruption activists in Ukraine were targets of suspected Russian phishing

An ex-U.S. ambassador to Russia, anti-corruption activists in Ukraine and election observers in other parts of Eastern Europe were among the apparent targets of a suspected Russian state-sponsored hacking effort, according to data linked to the spying operation that a researcher shared with CyberScoop. The list offers classic examples of organizations that Russian spies might […]

U.S. government accuses Russian companies of recruiting spies, hacking for Moscow

The Biden Administration took a sideswipe at the Russian government’s network of companies it allegedly relies on to conduct intelligence and military hacking Thursday — part of a broader effort to beat back Russian government hacking and information operations targeting Americans, the U.S. private sector and the federal government. In one of the most striking […]

White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign

The Biden administration on Thursday imposed sweeping sanctions on Russian intelligence operatives for their alleged interference in the 2020 U.S. election, and on Russian companies for allegedly supporting Moscow’s extensive cyber-espionage operations. The Treasury Department sanctioned 32 organizations and individuals for their alleged influence operations aimed at the U.S. election. The White House said it […]

NSA, FBI, DHS expose Russian intelligence hacking tradecraft

The U.S. government warned the private sector Thursday that Russian government hackers working for Russia’s Foreign Intelligence Service (SVR) are actively exploiting five known vulnerabilities to target U.S. companies and the defense industrial base. The National Security Agency, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) urged system administrators […]
