Skip to main content

Microsoft Obtains Court Order to Take Down Domains of Russian Hackers Targeting Ukraine.



Microsoft on Thursday disclosed that it obtained a court order to take control of seven domains used by APT28, a state-sponsored group operated by Russia's military intelligence service, with the goal of neutralizing its attacks on Ukraine.


"We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium's current use of these domains and enable victim notifications," Tom Burt, Microsoft's corporate vice president of customer security and trust, said.


APT28, also known by the names Sofacy, Sednit, Pawn Storm, Fancy Bear, Iron Twilight, and Strontium, is a cyber espionage group and an advanced persistent threat that's known to be active since 2009, striking media, governments, military, and international non-governmental organizations (NGOs) that often have a security focus.


CyberSecurity

The tech giant noted that the sinkhole infrastructure was used by the threat actor to target Ukrainian institutions as well as governments and think tanks in the U.S. and the European Union so as to maintain long term persistent access and exfiltrate sensitive information.


Meta takes action against Ghostwriter and Phosphorus

The disclosure from Microsoft comes as Meta, the company formerly known as Facebook, disclosed that it took action against covert adversarial networks originating from Azerbaijan and Iran on its platform, by taking down the accounts and blocking their domains from being shared.


The Azerbaijanian operation is believed to have singled out democracy activists, opposition groups, and journalists from the country and government critics abroad for carrying out credential phishing and espionage activities.


Another involved UNC788 (aka Charming Kitten, TA453, or Phosphorus), a government-linked hacking crew that has a history of conducting surveillance operations in support of Iranian strategic priorities.


"This group used a combination of low-sophistication fake accounts and more elaborate fictitious personas, which they likely used to build trust with potential targets and trick them into clicking on phishing links or downloading malicious applications," Meta outlined in its first quarterly Adversarial Threat Report.


The malicious Android applications, dubbed HilalRAT, impersonated seemingly harmless Quran apps to extract sensitive information, such as contacts list, text messages, files, location information, as well as activate camera and microphone.


Meta also said it blocked the malicious activities associated with an unreported Iranian hacking group that leveraged tactics similar to that of Tortoiseshell to target or spoof companies in the energy, IT, maritime logistics, semiconductor, and telecom industries.


CyberSecurity

This campaign featured an elaborate set of bogus profiles on Instagram, LinkedIn, Facebook, and Twitter, with the actors posing as recruiters of real and front companies to trick users into clicking on phishing links to deliver information stealing malware that were disguised as VPN, calculator, audiobook, and messaging apps.


"They developed malware on the VMWare ThinApp virtualization platform, which allowed them to run it on many different systems and hold malicious payload back until the last minute, making malware detection more challenging," Meta explained.


Lastly, also disrupted by Meta were takeover attempts made by the Belarus-aligned Ghostwriter group to break into the Facebook accounts of dozens of Ukrainian military personnel.


The attacks, which were successful in a "handful of cases," abused the access to victims' social media accounts and posted disinformation "calling on the Army to surrender as if these posts were coming from the legitimate account owners."

Comments

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed

How to Host a Website for Free From Your PC or Laptop.

Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.