CyberSecurityBoard
Sponsor Register Login

APT29

APT29 is threat group that has been attributed to Russia's Foreign Intelligence Service (SVR). They have operated since at least 2008, often targeting government networks in Europe and NATO member countries, research institutes, and think tanks. APT29 reportedly compromised the Democratic National Committee starting in the summer of 2015.In April 2021, the US and UK governments attributed the SolarWinds Compromise to the SVR; public statements included citations to APT29, Cozy Bear, and The Dukes. Industry reporting also referred to the actors involved in this campaign as UNC2452, NOBELIUM, StellarParticle, Dark Halo, and SolarStorm.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000


Cyber News related to APT29

TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
1 year ago Therecord.media Cozy Bear APT29
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
1 year ago Therecord.media Cozy Bear APT29
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies - After Sandworm and APT28, another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. APT29 is tracked under different names and has been targeting embassy entities with a BMW car ...
1 year ago Bleepingcomputer.com CVE-2023-38831 APT28 APT29
TeamViewer: Hackers copied employee directory data and encrypted passwords - Software company TeamViewer says that a compromised employee account is what enabled hackers to breach its internal corporate IT environment and steal encrypted passwords in an incident attributed to the Russian government. In an update on Sunday ...
1 year ago Therecord.media APT29
APT29 - APT29 is threat group that has been attributed to Russia's Foreign Intelligence Service (SVR). They have operated since at least 2008, often targeting government networks in Europe and NATO member countries, research institutes, and think tanks. ...
1 year ago Attack.mitre.org Cozy Bear APT29
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com CVE-2023-42793 APT29
Amazon Dismantles Russian APT29 Infrastructure - Amazon has successfully dismantled the infrastructure of the Russian cyber espionage group APT29, also known as Cozy Bear. This operation marks a significant step in combating state-sponsored cyber threats targeting global organizations. APT29 has ...
2 months ago Cybersecuritynews.com APT29 Cozy Bear
Amazon disrupts Russian APT29 hackers targeting Microsoft 365 - Amazon has successfully disrupted the operations of the Russian cyber espionage group APT29, also known as Cozy Bear, which has been targeting Microsoft 365 users. This group is notorious for its sophisticated cyber attacks aimed at stealing ...
2 months ago Bleepingcomputer.com APT29 Cozy Bear
Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies - The Russian cyberespionage group known as APT29 has been exploiting a recent TeamCity vulnerability on a large scale since September 2023, according to government agencies in the US, UK, and Poland. The issue, tracked as CVE-2023-42793 and impacting ...
1 year ago Securityweek.com CVE-2023-42793 APT29
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
1 year ago Bleepingcomputer.com APT29
Amazon Warns of APT29 Credential Theft Campaign Targeting Cloud Users - Amazon has issued a warning about a credential theft campaign orchestrated by the advanced persistent threat group APT29, also known as Cozy Bear. This campaign specifically targets cloud users, aiming to steal credentials and gain unauthorized ...
2 months ago Darkreading.com APT29 Cozy Bear
Amazon warns of Russian APT29 watering hole campaign targeting cloud users - Amazon has issued a warning about a sophisticated watering hole attack campaign orchestrated by the Russian threat group APT29, also known as Cozy Bear. This campaign specifically targets cloud service users by compromising legitimate websites ...
2 months ago Infosecurity-magazine.com APT29 Cozy Bear
Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare - APT29, the notorious Russian advanced persistent threat behind the 2020 SolarWinds hack, is actively exploiting a critical security vulnerability in JetBrains TeamCity that could open the door to rampant software supply chain attacks. According to ...
1 year ago Darkreading.com CVE-2023-42793 Andariel APT29 Lazarus Group
Cybersecurity breach of TeamViewer Corporate environment by APT29 - TeamViewer, a remote monitoring and management tool based in Germany, has reported a security breach within its internal corporate IT environment. The incident occurred on June 26, 2024, prompting immediate remedial actions to prevent any potential ...
1 year ago Cybersecurity-insiders.com Cozy Bear APT29
TeamViewer Hack Officially Attributed to Russian Cyberspies - TeamViewer has confirmed that a notorious Russian cyberespionage group appears to be behind the recent hacker attack targeting the company's systems. The remote connectivity software provider revealed last week that it had detected an intrusion on ...
1 year ago Securityweek.com Cozy Bear APT29
Amazon Shuts Down APT29 Watering Hole Attack - Amazon has successfully thwarted a sophisticated watering hole attack orchestrated by the notorious Russian state-sponsored hacking group APT29, also known as Cozy Bear. This cyberattack targeted specific websites frequented by government officials ...
2 months ago Therecord.media APT29 Cozy Bear
TeamViewer Hack Officially Attributed to Russian Cyberspies - TeamViewer has confirmed that a notorious Russian cyberespionage group appears to be behind the recent hacker attack targeting the company's systems. The remote connectivity software provider revealed last week that it had detected an intrusion on ...
1 year ago Packetstormsecurity.com Cozy Bear APT29
APT29 Hackers Employs GRAPELOADER in New Attack Against European Diplomats - A sophisticated phishing campaign by Russian-linked threat group APT29 has been actively targeting European diplomatic entities since January 2025, according to a recent security report. Additionally, the malware employs an evasion technique when ...
6 months ago Cybersecuritynews.com Cozy Bear APT29
Amazon Disrupts APT29 Watering Hole Campaign Targeting Security Researchers - Amazon has successfully disrupted a sophisticated watering hole campaign orchestrated by the notorious APT29 threat group, also known as Cozy Bear. This campaign targeted security researchers by compromising websites frequently visited by ...
2 months ago Thehackernews.com APT29 Cozy Bear
New Report Uncovers NikoWiper Malware Used to Attack Ukraine Energy Sector - The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. The NikoWiper is based on SDelete, a command line utility from ...
2 years ago Thehackernews.com APT29
Russian Spies Hacked Microsoft Email Systems & Accessed Code - Microsoft has disclosed that Russian government hackers, identified as the group Midnight Blizzard, have successfully infiltrated its corporate email systems and stolen source codes. Microsoft's announcement on March 8, 2024, detailed that Midnight ...
1 year ago Cybersecuritynews.com Cozy Bear APT29
CISA: Russian hackers target TeamCity servers since September - CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service has been targeting unpatched TeamCity servers in widespread attacks since September 2023. APT29 is ...
1 year ago Bleepingcomputer.com CVE-2023-42793 Andariel APT29
HPE investigates new breach after data for sale on hacking forum - Hewlett Packard Enterprise is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. The company has told ...
1 year ago Bleepingcomputer.com APT1 APT29
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
1 year ago Securityboulevard.com APT29
TeamViewer's corporate network was breached in alleged APT hack - The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. The company says that it plans to be transparent about ...
1 year ago Bleepingcomputer.com Cozy Bear APT29

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)