Ειδοποιήσεις

In a report this week, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyber attacks.

Microsoft refers to the actor by the name Gadolinium and says that it’s been active for about a decade targeting organizations in the maritime and health industry; more recently, the hackers expanded focus to higher education and regional government entities.

Read more »

icrosoft has confirmed that a bug in Windows 10 version 1607 and Windows Server 2016 is causing the Group Policy Editor to display errors.

In our September 2020 Windows health report, we reported that Windows 10 1607 and Windows Server 2016 users were experiencing errors when opening the the Security Options MMC in the group policy editor.

Read more »

On 9 August, QuoIntelligence disseminated a Warning to its government customers about a new APT28 (aka Sofacy, Sednit, Fancy Bear, STRONTIUM, etc.) campaign targeting government bodies of NATO members (or countries cooperating with NATO). In particular, we found a malicious file uploaded to VirusTotal, which ultimately drops a Zebrocy malware and communicates with a C2 in France. After our discovery, we reported the malicious C2 to the French law enforcement as part of our responsible disclosure process.

Zebrocy is a malware used by APT28 (also known as Sofacy), which was reported by multiple security firms[1][2][3][4][5][6] in the last two years.

Finally, our investigation concluded that the attack started on 5 August and targeted at least a government entity located in the Middle East. However, it is highly likely that NATO members also observed the same attack.

Read more »