Russia's 'Midnight Blizzard' Targets Service Accounts for Initial Cloud Access
CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks.
Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29
Five Eyes Cyber Agencies Say Kremlin Hackers Are Following Victims to the CloudThe Russian intelligence hacking group known as APT29 or Cozy Bear is responding to the corporate migration to the cloud with matching hacking techniques, says an alert from international cyber agencies. Threat intelligence firms warn that APT29 has amplified its global cyberespionage operations.
Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services. [...]
Known as Midnight Blizzard, the Dukes or Cozy Bear, the group has been identified as a Russian entity likely operating under the SVR
Cozy Bear may have had access to the green rectangular email and SharePoint cloud for six months HPE has become the latest tech giant to admit it has been compromised by Russian operatives.…
'Midnight Blizzard' Was Inside Company Network for 7 MonthsHewlett Packard Enterprise in an after-hours regulatory filing disclosed that suspected Russian state hackers had gained access to corporate email inboxes for more than seven months. A threat group tracked as "Midnight Blizzard" first penetrated HPE's cloud-based email service in May 2023.
The Russian state-sponsored hacking collective known as APT29 has been attributed to a new phishing campaign that takes advantage of legitimate cloud services like Google Drive and Dropbox to deliver malicious payloads on compromised systems