Russia's Nobelium Threat Group Continues to Target Governments and Enterprises Worldwide
Life360 sells location data on children and families, Microsoft seizes 42 domains used by Chinese espionage group, Israel imposes new restrictions on export of cyber "warfare" tools, more
Check out my latest CSO column, which provides a deeper look into Cyber Command’s admission of targeting malware operators.
Researchers at Mandiant say the Russian threat group Microsoft calls Nobelium, that is also known as APT29, The Dukes, or Cozy Bear and is believed to be the hacking division of the Russian Foreign Intelligence Service (SVR), continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware.
The researchers say that Nobelium actors continue to breach cloud providers and MSPs as a way to gain initial access to their downstream customer's network environment. Mandiant warns that the activity of Nobelium is heavily focused on the collection of intelligence. (Bill Toulas / Bleeping Computer)
Related: CTV News, Associated Press Technology, The Independent, AOL, Al Arabiya, Cyberscoop, Ars Technica, Bleeping Computer, The Hacker News, Security Week, Dark Reading, The Hill, Thr…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.