Vetted by NeuralPress's Multi-Agent Verifier for strict factual validity and event relevance. Our compliance engine cross-checks and filters search results to ensure zero false correlations or misleading content.
Primary Sources
UK exposes Russian military intelligence hijacking vulnerable routers ...
The National Cyber Security Centre (NCSC) – a part of GCHQ – has published a new advisory revealing how Russian cyber actors have compromised commonly used routers, allowing them to covertly reroute users’ internet traffic through malicious servers under their control.The new advisory warns that Russian state cyber group APT28 has exploited vulnerable internet routers to enable Domain Name System (DNS) hijacking operations, giving the attackers the ability to intercept traffic and harvest login credentials, including passwords and access tokens, from personal web and email services.DNS is what allows individuals to reach websites by typing familiar addresses, instead of associated IP addresses. In a DNS hijacking attack, actors interfere with this process to covertly send users to malicious websites designed to steal login details or other sensitive information.The advisory also notes that the activity is likely opportunistic in nature, with the actor casting a wide net to reach many potential victims, before narrowing in on targets of intelligence interest as the attack develops.APT28 has previously been linked by the UK to Russia’s GRU 85th Main Special Service Centre (GTsSS), Military Unit 26165.Paul Chichester, NCSC Director of Operations, said:This activity demonstrates how exploited vulnerabilities in widely used network devices can be leveraged by sophisticated hostile actors.We strongly encourage organisations and network defenders to familiarise themselves with the techniques described in the advisory and to follow the mitigation advice.The NCSC will continue to expose Russian malicious cyber activity and provide practical guidance to help protect UK networks.Organisations and network defenders are encouraged to follow the mitigation advice to effectively protect against DNS hijacking attacks, including protecting the management interfaces of systems, ensuring devices and software are maintained and up-to-date, and setting up two-step verification.The NCSC has previously called out APT 28 / Unit 26165, also known in open source as Fancy Bear, Forest Blizzard, the Sednit Gang and Sofacy, for deploying a sophisticated malware dubbed AUTHENTIC ANTICS and targeting western logistics entities and technology companies.
russia hacking | PBS News
World Jul 01 NSA discloses hacking methods it says are used by Russia U.S. and British agencies have disclosed hacking techniques they say are used by Russian intelligence to target hundreds of government agencies, energy companies and other organizations, amid a wave of devastating cyberattacks around the world. World Jun 16 Watch 8:19 Exploring the issues affecting US-Russia relations and the future of diplomacy There was a lot at stake and a lot discussed Wednesday during President Joe Biden's meeting with Russia's president Vladimir Putin. Nick Schifrin explores the outcome of their summit with Fiona Hill. Hill served as senior director for European and… By Nick Schifrin, Dan Sagalyn World Jul 16 Watch 8:48 What high-profile hacking attacks say about cybersecurity Two major cybersecurity intrusions, each with global implications, are in the news. On Wednesday, hackers accessed high-profile Twitter accounts, using them to promote the cryptocurrency Bitcoin. Also, three countries accused Russia of trying to steal research into a possible COVID-19… Nation Jul 18 Watch 6:25 How FaceApp highlights a gap in U.S. privacy protections The growing popularity of FaceApp, a photo filter app that allows users to transform their features by adding or removing wrinkles, is sounding alarm bells among privacy advocates and lawmakers. There are questions about how the images of people's faces… The Wall Street Journal reported that Russia obtained classified information about how the U.S. military protects its computer networks and conducts electronic spying. The breach occurred when data was stolen by an NSA contractor, then hacked by Russia. Hari Sreenivasan… Continue watching Dec 19 Sen. John McCain, chairman of the Armed Services Committee, on Sunday joined Democrats in calling for a special select committee to investigate foreign cyberattacks, putting him at odds with the incoming GOP president. Trump calls reports of Russian hacking "ridiculous."… Continue reading Dec 18 The CIA says U.S. intelligence agencies agree that Moscow was behind the cyber break-in of the Democratic National Committee. Continue reading Dec 16 CIA Director John Brennan said in the message that "there is strong consensus among us on the scope, nature, and intent of Russian interference in our presidential election."… Continue reading
Russian hackers target WhatsApp, Signal users, UK warns| Cybernews
The NCSC is the latest agency to warn users of Russian hackers targeting messaging apps. In March, the General Dutch Intelligence Agency (AIVD) and Dutch Military Intelligence and Security Service (MIVD) announced that WhatsApp and Signal accounts used by officials, military personnel, and journalists had been hacked by state-sponsored hackers from Russia. Signal seized the opportunity to warn ...
Cyberwarzone - Your Eyes in Cyberspace
North Korean Hackers Deploy StoatWaffle Malware via VS Code Projects FortiGate devices exploited to steal service account credentials and breach networks UNC4899 breached crypto firm after developer AirDropped trojanized file to work device APT28 used BEARDSHELL and COVENANT to spy on Ukrainian military personnel
