Gamaredon APT targets Ukrainian government agencies in new campaign
Sept. 15, 2022, 12:02 p.m. | Guilherme Venere (noreply@blogger.com)
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com
By Asheer Malhotra and Guilherme Venere.
- Cisco Talos recently identified a new, ongoing campaign attributed to the Russia-linked Gamaredon APT that infects Ukrainian users with information-stealing malware.
- The adversary is using phishing documents containing lures related to the Russian invasion of Ukraine.
- LNK files, PowerShell and VBScript enable initial access, while malicious binaries are deployed in the post-infection phase.
- We discovered the use of a custom-made information stealer implant that can exfiltrate victim files of interest and deploy additional …