German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says
The group may have been seeking insights on shifting European sentiments on Ukraine, threat analysts suggest.
The advisory issued by the U.K.’s National Cyber Security Centre breaks down tactics and techniques from SVR hacking ops.
Microsoft said the SVR attack “was not the result of a vulnerability” in its products or services.
A new analysis unpacks a wide array of malware abusing legitimate internet services and what defenders should do to stop it.
The Ukrainian cybersecurity official discusses charging Russian operatives with war crimes for digital assaults on civilians.
APT29, one of the SVR’s most active and successful hacking groups, has been using the cloud service to help deliver malware, the researchers said.
New infrastructure, old tricks.
The intrusions were targeted at emails and other sensitive but unclassified data, particularly in Microsoft 365 environments, CISA said.
It’s less clear what APT29 might be doing with the hacking tool, after allegedly using it last summer to try to steal COVID-19 research.
Spies accessed some “basic account information” from a limited number of Microsoft clients.