Russian spies may have moved in next door to target your network
Plus: Microsoft seizes phishing domains; Helldown finds new targets; Illegal streaming with Jupyter, and more Infosec in brief Not to make you paranoid, but that business across the street could, under certain conditions,
Spies hack Wi-Fi networks in far-off land to launch attack on target next door
While stalking its target, GruesomeLarch performed credential-stuffing attacks that compromised the passwords of several accounts on a web service platform used by the organization's employees. Two-factor authentication enforced on the platform, however, prevented the attackers from compromising the accounts.
Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack
In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
Novel Russian hacking method daisy chains Wi-Fi networks to reach intended target
Russian hackers have devised a highly sophisticated method of breaching Wi-Fi networks from afar that researchers have dubbed the "nearest neighbor attack," as it allows hackers
Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'
Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack.
Russian Hackers Sign Into US Wi-Fi Network by Hijacking Nearby Devices
Fi network in the US by hijacking a device in a building across the street—all without leaving Russia.Cybersecurity vendor Volexity today documented the rare hacking technique, dubbed the "Nearest Neighbor Attack.
Hackers breach Wi-Fi network of U.S. firm from Russia — daisy chain attack jumps from network to network to gain access from thousands of miles away
Russian hackers compromised two different organization to attack the network of a third firm located across the road via ...
CRN9mon
CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations
Earlier this month, researchers at Volexity reported that “mass exploitation” of the Ivanti Connect Secure vulnerabilities was underway, prompting CISA to release its first emergency directive ...
TechRadar6d
Update now — Fortinet Windows VPN hacked to steal user data
Experts from Volexity have published an in-depth report on a piece of malware called DeepData. This malware was used by a Chinese threat actor known as BrazenBamboo to steal login credentials ...
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet ...
CRN10mon
Mandiant: Attacks Exploiting Ivanti VPN Flaws Began In December
Researchers at the Google Cloud-owned cybersecurity specialist confirmed findings from Volexity researchers about exploitation of the Connect Secure VPN vulnerabilities. Mandiant researchers ...
heise online2d
US company attacked via neighboring third-party WLAN devices
As the security consultants from Volexity report, one of their customers was hit. The customer noticed suspicious access to ...