U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

APT

DPA Report: Russia-linked APT28 group hacked Germany’s government network

Germany Government confirmed that hackers had breached its computer network and implanted a malware that was undetected for one year. German news agency DPA reported that Russian hackers belonging to the APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) have breached Germany’s foreign and interior ministries’ online networks. The agency, quoting unnamed security sources, revealed that the […]

spyware Germany Russia German Officials

Germany Government confirmed that hackers had breached its computer network and implanted a malware that was undetected for one year.

German news agency DPA reported that Russian hackers belonging to the APT28 group (aka Fancy BearPawn StormSednit, Sofacy, and Strontium) have breached Germany’s foreign and interior ministries’ online networks.

The agency, quoting unnamed security sources, revealed that the APT28 hackers planted malware in the ministries’ networks. The malicious code was undetected as long as a year.

“A Russian-backed hacker group known for many high-level cyber attacks was able to infiltrate the German government’s secure computer networks, the dpa news agency reported Wednesday.” reported the ABCnews.

The German Government discovered the intrusion in December but the experts believe that the hackers were inside the networks as long as a year. The DPA also added that hackers were able to penetrate an isolated government IT network.

“within the federal administration the attack was isolated and brought under control.” said the Interior Ministry that also confirmed an ongoing investigation.

“This case is being worked on with the highest priority and considerable resources,” the ministry added.

The hackers exfiltrated 17 gigabytes of data that could be used in further attacks against the German Government.

APT28 targets Germany

This isn’t the first time that Russia-linked APT28 was blamed for a cyber attack against Germany, in 2015 the APT group hacked into the systems of the German Parliament.

What will happen in the future?

Top German intelligence officials are requesting to the government to hack back attackers in case of a cyber attack from a foreign government

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – cyber espionage, APT28)

[adrotate banner=”5″]

[adrotate banner=”13″]