Robuta

https://securityaffairs.com/58435/apt/cracking-apt28-traffic.html Cracking APT28 traffic in a few seconds Oct 22, 2017 - Security experts from security firm Redsocks published an interesting report on how to crack APT28 traffic in a few seconds. in acrackingapt28trafficseconds https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202 A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 | Akamai Akamai researchers reveal how an incomplete patch for APT28's zero-day led to CVE-2026-32202, a zero-click vulnerability enabling NTLM authentication coercion. https://thehackernews.com/2026/03/apt28-tied-to-cve-2026-21513-mshtml-0.html?version=meter+at+null APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code. https://thehackernews.com/2023/09/ukraines-cert-thwarts-apt28s.html Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure Ukraine's CERT-UA fends off a cyberattack on a critical energy infrastructure. Learn how a phishing email led to an infiltration attempt by APT28. critical energyukrainecertthwartsapt28 https://thehackernews.com/2025/05/russia-linked-apt28-exploited-mdaemon.html?version=meter+at+null Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers APT28 exploited MDaemon zero-day CVE-2024-11182 in targeted webmail hacks across 10+ nations. zero day https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html?ref=blog.emberlake.ky Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat Nations unite to warn against the MooBot botnet threat targeting Ubiquiti EdgeRouters. cybersecurity agenciesubiquiti edgerouterwarn https://thehackernews.com/2026/03/apt28-uses-beardshell-and-covenant.html?ref=blog.netmanageit.com APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance. covenant malwareapt28usesbeardshell https://thehackernews.com/2026/02/apt28-uses-microsoft-office-cve-2026.html APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe. microsoft office https://securityaffairs.com/178165/apt/russia-linked-apt28-targets-western-logistics-entities-and-technology-firms.html Russia-linked APT28 targets western logistics entities and technology firms May 22, 2025 - CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains russialinkedapt28targetswestern https://securityaffairs.com/58322/hacking/apt28-hacked-denmark-defense-ministry.html Denmark blamed Russia APT28 group for cyber intrusions in Defense Ministry Emails Oct 23, 2017 - Denmark on Monday denounced Russia after the publication of a report that accused Russian APT28 of hacking the defense ministry's email accounts. https://securityaffairs.com/52133/cyber-crime/tv5monde-cyber-attack.html The France TV5Monde was almost destroyed by the Russian APT28 group Oct 11, 2016 - The TV5Monde director-general has told the BBC that his TV was almost destroyed by a targeted cyber attack conducted by the Russian APT28 group. francetv5mondealmostdestroyedrussian https://www.golem.de/news/apt28-hackergruppe-soll-cdu-angegriffen-haben-1605-120872.html APT28: Hackergruppe soll CDU angegriffen haben - Golem.de Die Gruppe APT28, die auch mit dem Bundestags-Hack in Verbindung gebracht wird, soll die deutsche Regierungspartei CDU angegriffen haben. Ob die... apt28sollcduhabengolem https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html?ref=secretciso.org APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme IBM X-Force uncovers extensive phishing campaigns by APT28, targeting Europe, the South Caucasus, Central Asia, and the Americas. hacker groupapt28targetingeurope https://securityaffairs.com/52133/hacking/tv5monde-cyber-attack.html The France TV5Monde was almost destroyed by the Russian APT28 group Oct 11, 2016 - The TV5Monde director-general has told the BBC that his TV was almost destroyed by a targeted cyber attack conducted by the Russian APT28 group. francetv5mondealmostdestroyedrussian https://www.sentinelone.com/blog/here-we-go-crimeware-apt-journey-from-robbinhood-to-apt28/ From "RobbinHood" to APT28: Crimeware Virus & APT Journey Oct 27, 2022 - What is crimeware? Vitali Kremez explores Golang malware through a comparison of Robbinhood ransomware to APT 28. Learn more here. apt28crimewarevirusjourney https://www.akamai.com/blog/security-research/incomplete-patch-apt28s-zero-day-cve-2026-32202 A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 | Akamai Akamai researchers reveal how an incomplete patch for APT28's zero-day led to CVE-2026-32202, a zero-click vulnerability enabling NTLM authentication coercion. https://thehackernews.com/2026/04/russian-state-linked-apt28-exploits.html?version=meter+at+null Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage. russian statesoho routers https://securityaffairs.com/59820/apt/apt28-targets-montenegro.html Russia Linked hacker group APT28 continues to target Montenegro Oct 22, 2017 - Once again, Montenegro was targeted by the Russia-linked hacker group APT28, according to the experts it is just the beginning. hacker grouprussialinkedapt28continues https://www.infosecurity-magazine.com/news/russian-apt28-exploits-outlook-bug/ Russian APT28 Exploits Outlook Bug to Access Exchange - Infosecurity Magazine Dec 5, 2023 - Notorious Russian APT28 group is actively exploiting CVE-2023-23397 to hijack Exchange email accounts to accessrussianapt28exploitsoutlook https://hackread.com/op-neusploit-russia-apt28-microsoft-office-malware/ Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks Feb 3, 2026 - A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in... microsoft officeoprussianapt28uses https://cyberscoop.com/apt28-targeted-montenegros-government-joined-nato-researchers-say/?category_news=news APT28 targeted Montenegro's government before it joined NATO, researchers say | CyberScoop Jun 6, 2017 - As Montenegro preprepared to join NATO, a hacking group linked to Russian intelligence was actively engaged in a cyber espionage campaign against Montenegrin... https://securityaffairs.com/94747/apt/evolutions-apt28-attacks.html The evolutions of APT28 attacks .... ..... .... .... .... .... .... Dec 5, 2019 - Analyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over the time. ... evolutionsapt28attacks https://securityaffairs.com/61924/breaking-news/apt28-hotels-guests.html APT28 hackers are leveraging NSA Hacking tool to spy on Hotels guests Oct 4, 2017 - According to FireEye, the notorious Russia-linked APT28 group is behind an ongoing campaign targeting hotels in several European countries. hacking tool https://securityaffairs.com/155254/apt/apt28-outlook-hijack-ms-exchange-accounts.html Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts Dec 5, 2023 - Microsoft warns that Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts https://thehackernews.com/2026/04/russian-state-linked-apt28-exploits.html?m=0 Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage. russian statesoho routers https://www.mcafee.com/blogs/other-blogs/mcafee-labs/apt28-threat-group-adopts-dde-technique-nyc-attack-theme-in-latest-campaign/ Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack May 28, 2025 - While monitoring activities around APT28, we identified a malicious Word document that leverages the Microsoft Office DDE technique. https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails CERT-UA has issued a warning regarding Russian cyber attacks targeting Ukrainian government entities through phishing emails disguised as updates. ukrainian governmentwindows updateapt28targetsentities