Russia-linked group APT29 likely breached TeamViewer

Microsoft fixed two zero-day bugs exploited in malware attacks.
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks.
Finnish police linked APT31 to the 2021 parliament attack.
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks.
Cloudflare breached on Thanksgiving Day, but the attack was promptly contained.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841.
APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw.
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw.
Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
SysAid zero-day exploited by Clop ransomware group.
Critical Confluence flaw exploited in ransomware attacks.
iLeakage attack exploits Safari to steal data from Apple devices.
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks.
Apple fixed the 17th zero-day flaw exploited in attacks.
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks.
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks.


This Cyber News was published on securityaffairs.com. Publication date: Sun, 30 Jun 2024 14:13:07 +0000


Cyber News related to Russia-linked group APT29 likely breached TeamViewer

Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks - TeamViewer is software that organizations have long used to enable remote support, collaboration, and access to endpoint devices. Like other legitimate remote access technologies, it is also something that attackers have used with relative frequency ...
1 year ago Darkreading.com
TeamViewer's corporate network was breached in alleged APT hack - The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. The company says that it plans to be transparent about ...
11 months ago Bleepingcomputer.com Cozy Bear APT29
TeamViewer: Hackers copied employee directory data and encrypted passwords - Software company TeamViewer says that a compromised employee account is what enabled hackers to breach its internal corporate IT environment and steal encrypted passwords in an incident attributed to the Russian government. In an update on Sunday ...
10 months ago Therecord.media APT29
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
NATO Draws a Cyber Red Line in Tensions With Russia - There has long been a military red line that NATO says Russia must not cross. Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks. This is clearly a strong and ...
1 year ago Securityweek.com APT28 APT29
NATO Draws a Cyber Red Line in Tensions With Russia - There has long been a military red line that NATO says Russia must not cross. Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks. This is clearly a strong and ...
1 year ago Packetstormsecurity.com APT28 APT29
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
11 months ago Therecord.media Cozy Bear APT29
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
10 months ago Therecord.media Cozy Bear APT29
TeamViewer breached by Russian state actor Midnight Blizzard - TeamViewer's corporate network was breached this week in an attack that the remote access software vendor attributed to Russian state-sponsored threat actor Midnight Blizzard. The company wrote at the time that it immediately began an investigation ...
11 months ago Techtarget.com Cozy Bear APT29
TeamViewer Hack Officially Attributed to Russian Cyberspies - TeamViewer has confirmed that a notorious Russian cyberespionage group appears to be behind the recent hacker attack targeting the company's systems. The remote connectivity software provider revealed last week that it had detected an intrusion on ...
10 months ago Securityweek.com Cozy Bear APT29
TeamViewer Hack Officially Attributed to Russian Cyberspies - TeamViewer has confirmed that a notorious Russian cyberespionage group appears to be behind the recent hacker attack targeting the company's systems. The remote connectivity software provider revealed last week that it had detected an intrusion on ...
10 months ago Packetstormsecurity.com Cozy Bear APT29
TeamViewer abused to breach networks in new ransomware attacks - Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. TeamViewer is a legitimate remote access tool used extensively in the ...
1 year ago Bleepingcomputer.com LockBit
Russia-linked group APT29 likely breached TeamViewer - Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Finnish police linked APT31 to the 2021 parliament attack. BianLian group exploits JetBrains TeamCity bugs in ...
11 months ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT28 APT29 APT3 BianLian
Cybersecurity breach of TeamViewer Corporate environment by APT29 - TeamViewer, a remote monitoring and management tool based in Germany, has reported a security breach within its internal corporate IT environment. The incident occurred on June 26, 2024, prompting immediate remedial actions to prevent any potential ...
11 months ago Cybersecurity-insiders.com Cozy Bear APT29
Russia hacking: 'FSB in years-long cyber attacks on UK', says government - The UK is accusing Russia's Security Service, the FSB, of a sustained cyber-hacking campaign, targeting politicians and others in public life. The government said one group stole data through cyber-attacks, which was later made public, including ...
1 year ago Bbc.com
TeamViewer investigating intrusion of corporate IT environment - Software company TeamViewer said it is investigating a possible intrusion of its internal corporate IT environment after discovering irregularities on Wednesday. In a statement published on Thursday afternoon, the company explained that it ...
11 months ago Therecord.media APT29
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies - After Sandworm and APT28, another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. APT29 is tracked under different names and has been targeting embassy entities with a BMW car ...
1 year ago Bleepingcomputer.com CVE-2023-38831 APT28 APT29
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
7 months ago Securelist.com
Network Segmentation Saved TeamViewer From APT29 Attack - This segregation is one of multiple layers of protection in our 'defense in-depth' approach. Defense-in-depth is a set of basic techniques, including network segmentation, that the US government consistently urges people to implement. Others include ...
11 months ago Darkreading.com
Ukraine says it hacked Russian aviation agency, leaks data - Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for ...
1 year ago Bleepingcomputer.com
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
1 year ago Bleepingcomputer.com APT29
France blames Russian military intelligence for years of cyberattacks on local entities | The Record from Recorded Future News - According to French officials, APT28 — also known as Fancy Bear or BlueDelta, and long believed to be an arm of the GRU’s Unit 26165 —has been behind cyber operations affecting around ten French entities since 2021. France has accused a hacker ...
1 month ago Therecord.media Fancy Bear APT28
Ukrainian military says it hacked Russia's federal tax agency - The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, ...
1 year ago Bleepingcomputer.com
HPE investigates new breach after data for sale on hacking forum - Hewlett Packard Enterprise is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. The company has told ...
1 year ago Bleepingcomputer.com APT1 APT29
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
1 year ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28