all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

APT28 Uses 'Windows Update' Phishing Emails to Target Ukrainian Agencies

Add to bookmarks
May 5, 2023, 10:39 a.m. | /u/RJMonga

Information Security News www.reddit.com

Russian hacker group APT28 is targeting Ukraine's government agencies with a phishing attack by using phony Windows updates to exfiltrate system data. Since 2008, the group has been actively targeting the Ukrainian government. CERT-UA has issued a warning against this attack campaign that masquerades as system administrators of government departments. The email carries instructions and images to launch the command prompt and downloads a PowerShell script that informs about the system and sends it to attackers via Mocky service API. …

administrators apt28 attack campaign cert cert-ua data departments emails government hacker hacker group infosecnews phishing phishing attack phishing emails russian system system administrators target targeting ukraine ukrainian update updates warning windows windows update windows updates

Visit resource

More from www.reddit.com / Information Security News

Malware dev lures child exploiters into honeytrap to extort them 1 day, 16 hours ago | www.reddit.com
child dev infosecnews malware
MITRE revealed that nation-state actors breached its systems via Ivanti zero-days 3 days, 13 hours ago | www.reddit.com
breached infosecnews ivanti mitre +5
Cisco Duo warns third-party data breach exposed SMS MFA logs 1 week ago | www.reddit.com
breach cisco cisco duo data +10
Roku Discloses Data Breach of 576,000 Accounts 1 week, 2 days ago | www.reddit.com
accounts breach data data breach +2
LastPass: Hackers targeted employee in failed deepfake CEO call 1 week, 4 days ago | www.reddit.com
call ceo deepfake employee +3
U.S. Sends Ukraine Weapons it Seized Intended for Yemen During Saudi Arabia's Bombing Campaign, Blockade 1 week, 5 days ago | www.reddit.com
bombing campaign infosecnews saudi +5
91,000 Smart LG TV Devices Vulnerable to Remote Takeover 2 weeks ago | www.reddit.com
devices infosecnews smart takeover +1
RDP Abuse Present in 90% of Ransomware Breaches 2 weeks, 6 days ago | www.reddit.com
abuse breaches infosecnews ransomware +1
Red Hat warns of backdoor in XZ tools used by most Linux distros 3 weeks, 3 days ago | www.reddit.com
backdoor infosecnews linux linux distros +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Penetration Tester

@ Resillion | Bengaluru, India
View on infosec-jobs.com

Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com

(Senior) Information Security Professional (w/m/d)

@ IONOS | Deutschland - Remote
View on infosec-jobs.com

Information Security (Incident Response) Intern

@ Eurofins | Katowice, Poland
View on infosec-jobs.com

Game Penetration Tester

@ Magic Media | Belgrade, Vojvodina, Serbia - Remote
View on infosec-jobs.com
View more jobs