Cyber-espionage group Cloud Atlas targets Russian companies with war-related phishing attacks

The hacker group known as Cloud Atlas targeted a Russian agro-industrial enterprise and a state-owned research company in a new espionage campaign, researchers have found.
Cloud Atlas is a state-backed threat actor, active since at least 2014, that mostly attacks organizations in Russia, Belarus, Azerbaijan, Turkey, and Slovenia.
In its new campaign, the hackers sent their victims phishing emails with malicious attachments - the tactic they were seen using in previous attacks, according to the Russian cybersecurity firm F.A.C.C.T., an offshoot of the Singapore-based cybersecurity firm Group IB. The researchers said that two attacks they detected were successfully blocked.
In the report released earlier this week, F.A.C.C.T. published examples of two phishing letters discovered while analyzing the attacks.
The first email offered to send postcards to soldiers fighting in the war in Ukraine and their family members.
The second email was related to changes in the law regarding military reserves.
Both letters were sent from email addresses registered on popular Russian email services - yandex.
The emails contained malicious attachments that, once opened, uploaded files with an exploit for the vulnerability known as CVE-2017-11882.
This is a vulnerability in Microsoft Office that was fixed back in 2017 but is still actively exploited.
Successful exploitation of this bug allows attackers to execute arbitrary code with the privileges of the user who opened the malicious file.
Thus, if the victim has administrator rights, the attacker will be able to take full control of their system - install programs, view, modify, or destroy data, and even create new accounts, said researchers at Moscow-based Kaspersky.
Cloud Atlas focuses on espionage and theft of confidential information, but it isn't clear what country sponsors the group.
The hackers typically use phishing emails with malicious attachments to gain initial access to a victim's computer.
These documents are carefully crafted to mimic government statements, media articles, business proposals, or advertisements, researchers said.
The attackers closely control who can access their malicious attachments by whitelisting the targets.
To collect the IP information of the victims, Cloud Atlas first sent them reconnaissance documents, which do not contain any malicious files aside from fingerprinting the victim, according to Check Point.
Kansas City-area hospital transfers patients, reschedules appointments after cyberattack.
Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine.
She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia.
She previously was a tech reporter for Forbes Ukraine.


This Cyber News was published on therecord.media. Publication date: Thu, 21 Dec 2023 19:45:25 +0000


Cyber News related to Cyber-espionage group Cloud Atlas targets Russian companies with war-related phishing attacks

Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Atlas VPN Free vs. Premium: Which Plan Is Best For You? - When VPN providers offer free versions, you may be inclined to stick with that version. Atlas VPN Free is a lifetime-free version of the Atlas VPN service, which allows users to enjoy VPN services in four locations. In comparison, Atlas VPN Premium ...
8 months ago Techrepublic.com
Atlas Healthcare Confirms Data Breach Affecting Residents' Social Security Numbers - On October 14, 2023, Atlas Healthcare provided notice of a recent data breach after learning that an unauthorized actor was able to access the company's computer system. In this notice, Atlas explains that the incident resulted in an unauthorized ...
11 months ago Jdsupra.com
Cyber-espionage group Cloud Atlas targets Russian companies with war-related phishing attacks - The hacker group known as Cloud Atlas targeted a Russian agro-industrial enterprise and a state-owned research company in a new espionage campaign, researchers have found. Cloud Atlas is a state-backed threat actor, active since at least 2014, that ...
10 months ago Therecord.media
Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
10 months ago Techtarget.com
What is a Cloud Architect and How Do You Become One? - A cloud architect is an IT professional who is responsible for overseeing a company's cloud computing strategy. This includes cloud adoption plans, cloud application design, and cloud management and monitoring. Cloud architects oversee application ...
8 months ago Techtarget.com
2023 Cloud Security Report - Security concerns remain a critical barrier to cloud adoption, showing little signs of improvement in the perception of cloud security professionals. Cloud adoption is further inhibited by a number of related challenges that prevent the faster and ...
10 months ago Cybersecurity-insiders.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
8 months ago Esecurityplanet.com
The 10 Best Cloud Security Certifications for IT Pros in 2024 - Many professionals seeking a career in cloud security turn to certifications to advance their learning and prove.... their knowledge to potential employers. The number of cloud security certifications has increased in recent years making it difficult ...
10 months ago Techtarget.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Cloud Security: Stats and Strategies - An interesting aspect in O'Reilly's latest Cloud Adoption report based on a global survey conducted is that 90% of the responders are using the cloud to support their business. One of the key takeaways from the State of the Cloud report from Flexera ...
9 months ago Feeds.dzone.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
9 months ago Techrepublic.com
Top Cloud Security Issues: Threats, Risks, Challenges & Solutions - Cloud security issues refer to the threats, risks, and challenges in the cloud environment. To combat these cloud security issues, develop a robust cloud security strategy that addresses all three to provide comprehensive protection. Cloud security ...
5 months ago Esecurityplanet.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
5 months ago Esecurityplanet.com
Worried about job security, cyber teams hide security incidents - Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. The research reveals that 40% of cyber teams have not reported a cyber incident out of fear of losing their jobs - a ...
5 months ago Helpnetsecurity.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
9 months ago Securityzap.com
Ukraine-Russia Cyber Battles Have Real-World Impact - "The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says. ...
1 month ago Darkreading.com
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
8 months ago Cyberdefensemagazine.com
CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization - The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments - a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. As organizations increase ...
5 months ago Crowdstrike.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
7 Considerations for Multi-Cluster Kubernetes - A hybrid cloud is a cloud computing environment that combines public and private clouds, allowing organizations to utilize the benefits of both. In a hybrid cloud, an organization can store and process critical data and applications in its private ...
9 months ago Feeds.dzone.com
What Is Cloud Workload Security? Ultimate Guide - Cloud workload security, or cloud workload protection, refers to the tools and policies used to protect apps, services, and resources that run on cloud infrastructure. Your organization can manage cloud workload security through coordination across ...
4 months ago Esecurityplanet.com
The Atlas of Surveillance Hits Major Milestones: 2023 in Review - That's what a New York Police Department lieutenant wrote on LinkedIn after someone sent him a link to the Atlas of Surveillance, EFF's moonshot effort to document which U.S. law enforcement agencies are using which technologies, including drones, ...
10 months ago Eff.org
Securing Gold: Assessing Cyber Threats on Paris 2024 - The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from 28 August to 8 September 2024. Paris 2024 estimated the number of spectators for the next edition to be 9,7 ...
10 months ago Blog.sekoia.io

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)