Apr 1 2024
Rosyjski wywiad atakuje
👀 Tak to już jest, że zawsze w oceanie znajdzie się jakaś większa ryba. Gdy na liście ofiar cyberszpiegów są partie polityczne, ambasady, prezydent Stanów Zjednoczonych, FBI i NSA, Pentagon czy NASA, a to jedynie mały wycinek listy, to brzmi tak abstrakcyjnie, że aż niewiarygodnie.
Źródła:
❗️Advanced Persistent Threats: Attack Stages, Examples, and Mitigation
https://www.hackerone.com/knowledge-center/advanced-persistent-threats-attack-stages-examples-and-mitigation
🔎 The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor
https://securelist.com/the-miniduke-mystery-pdf-0-day-government-spy-assembler-0x29a-micro-backdoor/31112/
👻 OPERATION GHOST. The Dukes aren’t back — they never left
https://web-assets.esetstatic.com/wls/2019/10/ESET_Operation_Ghost_Dukes.pdf
📧 Official: Russia suspected in Joint Chiefs email server intrusion
https://edition.cnn.com/2015/08/05/politics/joint-staff-email-hack-vulnerability/
🧑🏻⚖️ CrowdStrike’s work with the Democratic National Committee: Setting the record straight
https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
👣 Following the Links From Russian Hackers to the U.S. Election
https://www.nytimes.com/interactive/2016/07/27/us/politics/trail-of-dnc-emails-russia-hacking.html
🇳🇴 Norway: Russian hackers hit spy agency, defense, Labour party
https://eu.usatoday.com/story/news/2017/02/03/norway-russian-hackers-hit-spy-agency-defense-labour-party/97441782/
🚨 Russian hackers breached Dutch police systems in 2017
https://therecord.media/russian-hackers-breached-dutch-police-systems-in-2017
🦠 Advisory: APT29 targets COVID-19 vaccine development
https://www.ncsc.gov.uk/files/Advisory-APT29-targets-COVID-19-vaccine-development.pdf
🥷 Russian hack was ‘classic espionage’ with stealthy, targeted tactics
https://www.washingtonpost.com/technology/2020/12/14/russia-hack-us-government/
🦾 SolarWinds is ‘largest’ cyberattack ever, Microsoft president says
https://www.politico.eu/article/solarwinds-largest-cyberattack-ever-microsoft-president-brad-smith/
🔓 Unauthorized Access of FireEye Red Team Tools
https://www.mandiant.com/resources/blog/unauthorized-access-of-fireeye-red-team-tools
👨💼 Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak
https://edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.htm
🕵🏻 RSAConference. SolarWinds: What Really Happened?
https://www.rsaconference.com/library/presentation/usa/2021/solarwinds-what-really-happened
🔑 APT29 @ malpedia
https://malpedia.caad.fkie.fraunhofer.de/actor/apt29
📄 FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government
https://www.whitehouse.gov/briefing-room/statements-releases/2021/04/15/fact-sheet-imposing-costs-for-harmful-foreign-activities-by-the-russian-government/
Relevant xkcd: https://xkcd.com/1573/
© Wszystkie znaki handlowe należą do ich prawowitych właścicieli.
❤️ Dziękuję za Waszą uwagę.
Znajdziecie mnie również na:
Instagramie @mateuszemsi https://www.instagram.com/mateuszemsi/
Twitterze @MateuszChrobok https://twitter.com/MateuszChrobok
Mastodonie https://infosec.exchange/@mateuszchrobok
LinkedInie @mateuszchrobok https://www.linkedin.com/in/mateuszchrobok/
Patronite @MateuszChrobok https://patronite.pl/MateuszChrobok
Podcasty na:
Anchor https://anchor.fm/mateusz-chrobok
Spotify https://open.spotify.com/show/6y6oWs20HwRejktOWHTteR
Apple Podcasts https://apple.co/3OwjvOh
Rozdziały:
00:00 Intro
01:13 APT
03:39 Kalendarium
09:58 SolarWinds
21:39 Atrybucja
23:30 Co Robić i Jak Żyć?
#APT #Rosja #cyberbezpieczeństwo #szpiegowanie #służby
https://www.youtube.com/watch?v=pwqzZjesS_U