Russian Intelligence Attacks

Mateusz Chrobok: Security, Startups and Artificial Intelligence

Apr 1 2024 • 26 mins

👀 That's just how it is: there is always some bigger fish in the ocean. When the list of cyber-spies' victims includes political parties, embassies, the President of the United States, the FBI and NSA, the Pentagon and NASA, and that is only a small slice of the list, it sounds so abstract that it is hard to believe.

Sources:

❗️Advanced Persistent Threats: Attack Stages, Examples, and Mitigation

https://www.hackerone.com/knowledge-center/advanced-persistent-threats-attack-stages-examples-and-mitigation


🔎 The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor

https://securelist.com/the-miniduke-mystery-pdf-0-day-government-spy-assembler-0x29a-micro-backdoor/31112/


👻 OPERATION GHOST. The Dukes aren’t back — they never left

https://web-assets.esetstatic.com/wls/2019/10/ESET_Operation_Ghost_Dukes.pdf


📧 Official: Russia suspected in Joint Chiefs email server intrusion

https://edition.cnn.com/2015/08/05/politics/joint-staff-email-hack-vulnerability/


🧑🏻‍⚖️ CrowdStrike’s work with the Democratic National Committee: Setting the record straight

https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/


👣 Following the Links From Russian Hackers to the U.S. Election

https://www.nytimes.com/interactive/2016/07/27/us/politics/trail-of-dnc-emails-russia-hacking.html


🇳🇴 Norway: Russian hackers hit spy agency, defense, Labour party

https://eu.usatoday.com/story/news/2017/02/03/norway-russian-hackers-hit-spy-agency-defense-labour-party/97441782/


🚨 Russian hackers breached Dutch police systems in 2017

https://therecord.media/russian-hackers-breached-dutch-police-systems-in-2017


🦠 Advisory: APT29 targets COVID-19 vaccine development

https://www.ncsc.gov.uk/files/Advisory-APT29-targets-COVID-19-vaccine-development.pdf


🥷 Russian hack was ‘classic espionage’ with stealthy, targeted tactics

https://www.washingtonpost.com/technology/2020/12/14/russia-hack-us-government/


🦾 SolarWinds is ‘largest’ cyberattack ever, Microsoft president says

https://www.politico.eu/article/solarwinds-largest-cyberattack-ever-microsoft-president-brad-smith/


🔓 Unauthorized Access of FireEye Red Team Tools

https://www.mandiant.com/resources/blog/unauthorized-access-of-fireeye-red-team-tools


👨‍💼 Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak

https://edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.htm


🕵🏻 RSAConference. SolarWinds: What Really Happened?

https://www.rsaconference.com/library/presentation/usa/2021/solarwinds-what-really-happened


🔑 APT29 @ malpedia

https://malpedia.caad.fkie.fraunhofer.de/actor/apt29


📄 FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government

https://www.whitehouse.gov/briefing-room/statements-releases/2021/04/15/fact-sheet-imposing-costs-for-harmful-foreign-activities-by-the-russian-government/

Relevant xkcd: https://xkcd.com/1573/

© All trademarks belong to their rightful owners.

❤️ Thank you for your attention.

You can also find me on:

Instagram @mateuszemsi https://www.instagram.com/mateuszemsi/

Twitter @MateuszChrobok https://twitter.com/MateuszChrobok

Mastodon https://infosec.exchange/@mateuszchrobok

LinkedIn @mateuszchrobok https://www.linkedin.com/in/mateuszchrobok/

Patronite @MateuszChrobok https://patronite.pl/MateuszChrobok

Podcasts on:

Anchor https://anchor.fm/mateusz-chrobok

Spotify https://open.spotify.com/show/6y6oWs20HwRejktOWHTteR

Apple Podcasts https://apple.co/3OwjvOh


Chapters:

00:00 Intro

01:13 APT

03:39 Timeline

09:58 SolarWinds

21:39 Attribution

23:30 What to Do and How to Live?

#APT #Russia #cybersecurity #espionage #intelligenceservices

https://www.youtube.com/watch?v=pwqzZjesS_U
