#APT29

SoyArmenio soyarmernio
2025-05-03

Azerbaijan accuses Russia of a cyberattack on local media through the APT29 group. Tension is growing ahead of the visits by Netanyahu and Erdogan to Baku, against a backdrop of geopolitical distancing. soyarmenio.com/noticias-intern

2025-05-03

Azerbaijani blames #Russia for February #cyberattack

An investigation found the Feb 20th cyberattack against #Azerbaijan was carried out by infamous APT29 group, aka Cozy Bear, widely believed linked to #Russia’s Foreign Intelligence Service

Activities of #APT29, which is engaged in #cyber #espionage, are mainly directed against govt agencies, foreign diplomatic missions, political, defense, energy, media and other critical areas

kyivindependent.com/azerbaijan

#RussianAggression #HybridWar

2025-04-22

Renewed APT29 Phishing Campaign Against European Diplomats

research.checkpoint.com/2025/a

#apt29 #phishing #campaign

"Infrastructure risks have also been prominent, w/vulnerabilities in ASUS routers & critical ICS devices from Schneider Electric & Yokogawa exposing sectors like #energy & manufacturing to..." digitalfrontierpartners.com.au/news/latest-... RU #APT29 Android #NFC China #UNC5221 #SNOWLIGHT #TONESHELL

Latest Sophisticated Attacks a...

2025-04-19

Russian hacker group Cozy Bear (aka #MidnightBlizzard, APT29) is back, using wine-tasting invites to phish EU diplomats. The bait? A new wave of WineLoader malware. 🍷🎣

Read: hackread.com/cozy-bear-wine-lu

#CyberSecurity #APT29 #WineLoader #Russia #EU

Just Another Blue Teamer LeeArchinal@ioc.exchange
2025-04-17

Good day everyone!

Check Point Software researchers produced another great article that involves #APT29 and #phishing and a little bit of masquerading. This phishing campaign targeted European diplomatic entities, distributes fake invitations to diplomatic events, and appears to be a continuation of a previous campaign run by the same actors. These phishing emails utilized a backdoor known as #Wineloader and also employ a new loader, #Grapeloader. There is a lot to unpack here and I hope you enjoy!

Renewed APT29 Phishing Campaign Against European Diplomats
research.checkpoint.com/2025/a

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

Brian Greenberg brian_greenberg@infosec.exchange
2025-04-17

🍷 Cozy Bear (APT29) is back — and this time, they’re targeting EU diplomats with fake wine-tasting invitations.

The attack chain:
📧 Emails impersonating foreign ministries
📎 Attachments loaded with GRAPELOADER
🎯 Embassies, diplomats, and government agencies in the crosshairs
🧠 Classic social engineering — elegant, persistent, and dangerous

Threat actors don’t need zero-days when polished social engineering still works.

#CyberSecurity #APT29 #ThreatIntel #Phishing #DiplomaticSecurity
helpnetsecurity.com/2025/04/16

Opalsec Opalsec@infosec.exchange
2025-03-30

Our latest blog post is live, check it out!

🗞️ opalsec.io/daily-news-update-s

* 👾 Obscure Programming Languages in Malware: Malware authors are getting creative, using less common languages like Rust, Nim, Phix, Lisp and Haskell to evade detection - and it works.
* 💔 $8.2 Million Seized in Crypto Romance Baiting: The DOJ just seized millions in USDT from "romance baiting" scams (aka pig butchering), with links to human trafficking in Cambodia and Myanmar. This is a stark reminder of the human element in cybercrime.

Don't forget, you can subscribe to our newsletter here to get the updates straight to your inbox!

📨opalsec.io/daily-news-update-s

#cybersecurity #malware #ransomware #cryptoscams #threatintel #infosec #rustlang #phishing #APT29 #pigbutchering #usdt #doj #fbi #cybercrime #securityresearch #zerotrust #threatdetection #reversengineering

2025-02-14
2024-12-18

Christmas nears, the "Wild Hunt" too
And with it the Koshchei rides anew: thehackernews.com/2024/12/apt2...
as a monster in the middle he hides and spies
as a config among configs in disguise
leave your laptop let your emails lay
have no rush on Christmas day.
#cybersec #apt29 #christmas #hacker

RoundSparrow 🐦 RoundSparrow
2024-12-01

16 July 2020

APT29 (also known as ‘the Dukes’ or ‘Cozy Bear’) is a cyber espionage group, almost certainly part of the Russian intelligence services. The United States’ National Security Agency (NSA) agrees with this attribution and the details provided in this report.

ncsc.gov.uk/news/advisory-apt2

2024-11-18

A new way to steal data from Windows systems – malware via RDP, a campaign by the Russian group APT29

The Russian APT group "Midnight Blizzard" is using .rdp files in a malware campaign that enables the theft of data from users' drives and the distribution of malware within the victim's network. The attack relies on tricking the user into opening a crafted .rdp file, which results in data theft and the potential infection of other devices. Our pentesters came across traces of this...

#Teksty #WBiegu #Apt29 #Malware #Microsoft #Rdp #Stealer

sekurak.pl/nowy-sposob-na-krad

2024-10-30
New campaign by #APT29 | https://therecord.media/russia-midnight-blizzard-hackers-target-government-sector
2024-10-28

#AWS #seizes #domains used by #Russia's #APT29 | Codebook|Security News
... Amazon Web Services (AWS), on the 24th: the Russian #ThreatActor APT29 #phishing attack ... reportedly was not targeted …
codebook.machinarecord.com/thr
