Cozy Bear

Russian APT exploiting JetBrains TeamCity vulnerability - A known JetBrains TeamCity vulnerability is now being exploited by two nation-state threat groups as some organizations have yet to patch the critical flaw. CISA issued a joint government advisory Wednesday to warn users that a Russian advanced ...
1 year ago Techtarget.com CVE-2023-42793 Cozy Bear APT29

Russian-Backed Hackers Target High-Value US, European Entities - Hackers linked to Russia's military intelligence unit exploited previously patched Microsoft vulnerabilities in a massive phishing campaign against U.S. and European organizations in such vectors as government, aerospace, and finance across North ...
1 year ago Securityboulevard.com CVE-2023-23397 CVE-2023-38831 Fancy Bear APT28

Fancy Bear goes phishing in US, European high-value networks The Register - Fancy Bear, the Kremlin's cyber-spy crew, has been exploiting two previously patched bugs for large-scale phishing campaigns against high-value targets - like government, defense, and aerospace agencies in the US and Europe - since March, according ...
1 year ago Go.theregister.com CVE-2023-23397 CVE-2023-38831 CVE-2023-32231 Fancy Bear

Feds go Fancy Bear hunting, take down Russia's GRU botnet The Register - The US government today said it disrupted a botnet that Russia's GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets. Moobot ...
1 year ago Go.theregister.com Fancy Bear Volt Typhoon

Russian Spies Hacked Microsoft Email Systems & Accessed Code - Microsoft has disclosed that Russian government hackers, identified as the group Midnight Blizzard, have successfully infiltrated its corporate email systems and stolen source codes. Microsoft's announcement on March 8, 2024, detailed that Midnight ...
1 year ago Cybersecuritynews.com Cozy Bear APT29

Microsoft tells how Russia's Cozy Bear broke into its email The Register - Microsoft, a week after disclosing that Kremlin-backed spies broke into its network and stole internal emails and files from its executives and staff, has now confirmed the compromised corporate account used in the genesis of the heist didn't even ...
1 year ago Go.theregister.com Cozy Bear

TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
9 months ago Therecord.media Cozy Bear APT29

TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
9 months ago Therecord.media Cozy Bear APT29

Ember Bear - Ember Bear is a suspected Russian state-sponsored cyber espionage group that has been active since at least March 2021. Ember Bear has primarily focused their operations against Ukraine and Georgia, but has also targeted Western European and North ...
1 year ago Attack.mitre.org Ember Bear

Star Blizzard launched Cyber Attacks on UK since years - The discovery of this covert activity is recent, and the extent of the damage is yet to be fully assessed. Over the years, various nations, such as China, Russia, North Korea, and more recently, Iran, have been involved in spying on Western ...
1 year ago Cybersecurity-insiders.com Cozy Bear Fancy Bear

U.S. Halts Cyber Operations Targeting Russia - The move coincides with heightened concerns over Russian cyber threats, including state-linked campaigns like Sandworm and Midnight Blizzard, and follows revelations of a Chinese breach targeting Belgian critical infrastructure. The Pentagon’s ...
1 month ago Cybersecuritynews.com CVE-2024-53104 Cozy Bear Fancy Bear

CVE-2024-47355 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.11. ...
6 months ago

CVE-2024-50502 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18. ...
5 months ago

CVE-2024-50441 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15. ...
5 months ago

CVE-2025-30838 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS. This issue affects Cozy Blocks: from n/a through 2.1.6. ...
3 weeks ago

Cozy Bear - A Russian hacker group believed to be associated with one or more intelligence agencies of Russia. ...
1 year ago En.wikipedia.org

US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked - New findings from the cryptocurrency tracing firm Chainalysis show how stablecoins that are tied to the value of the US dollar were instrumental in cryptocurrency-based scams and sanctions evasion last year. The US Federal Trade Commission reached a ...
1 year ago Wired.com Cozy Bear

Understanding Backdoor Diplomacy Attack on Iranian Government Entities - In today’s digital world, cyberattacks are becoming increasingly prevalent, particularly against governments and public or private entities. Recently, a new targeted attack against Iranian government entities has been detected. Dubbed “Backdoor ...
2 years ago Heimdalsecurity.com Cozy Bear

Microsoft Shares New Guidance in the Wake of 'Midnight Blizzard' Cyberattack - Microsoft has released new guidance for organizations on how to protect against persistent nation-state attacks like the one disclosed a few days ago that infiltrated its own corporate email system. A key focus of the guidance is on what ...
1 year ago Darkreading.com Cozy Bear

APT29 - APT29 is threat group that has been attributed to Russia's Foreign Intelligence Service (SVR). They have operated since at least 2008, often targeting government networks in Europe and NATO member countries, research institutes, and think tanks. ...
1 year ago Attack.mitre.org Cozy Bear APT29

HP Enterprise Reveals Hack Conducted by State-backed Russian Hackers - Hewlett Packard enterprise reported on Wednesday that alleged state-backed Russian hackers have attacked its cloud-based email system and stolen security and employees' data. In a Security and Exchange filing, the IT product provider noted that the ...
1 year ago Cysecurity.news Cozy Bear

SolarWinds to SEC: Don't 'revictimise the victim' The Register - In a statement to The Register, Serrin Turner, an attorney at Latham and Watkins, which is representing SolarWinds, railed against the SEC's charges. In late October, the SEC filed the legal complaint against SolarWinds alleging that the company and ...
1 year ago Go.theregister.com Cozy Bear

What is an advanced persistent threat? - An advanced persistent threat is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. APT attacks are initiated to steal highly sensitive data rather than cause damage to ...
1 year ago Techtarget.com Cozy Bear APT29

Microsoft breached by Russian APT behind SolarWinds attack - Midnight Blizzard, previously referred to as Nobelium, is best known as the threat actor behind the infamous supply chain attack against SolarWinds in late 2020. The advanced persistent threat group, more commonly known as Cozy Bear and APT29, ...
1 year ago Techtarget.com Cozy Bear APT29

HPE: Russian hackers breached its security team's email accounts - Hewlett Packard Enterprise disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. Midnight ...
1 year ago Bleepingcomputer.com Cozy Bear APT29