EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • ANSSI warns about Russian group APT28

    ANSSI warns about Russian group APT28

    Written by
    The Editorial Team
    11.01.23
    Risks management
    01
    MIN
    ANSSI warns about Russian group APT28
    ANSSI warns about Russian group APT28
    ANSSI warns about Russian group APT28
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Tech giants make commitment against political deepfakes
    Risks management
    03.05.24 Risks management
    Next article
    Tech giants make commitment against political deepfakes
    Read
    02
    MIN
    Image Vulnerability identified in Rhysida ransomware
    Risks management
    03.05.24 Risks management
    Next article
    Vulnerability identified in Rhysida ransomware
    Read
    02
    MIN
    Image State-sponsored cybercriminals using ChatGPT
    Risks management
    03.04.24 Risks management
    Next article
    State-sponsored cybercriminals using ChatGPT
    Read
    01
    MIN

    Report details group’s numerous attacks against French organizations, and explains how to protect oneself.

    On October 26, 2023, ANSSI’s CERT-FR (French CSIRT) published a report on attacks carried out since 2021 by the Russian cybercriminal group APT28 against French organizations. Among the targets are government bodies, businesses, universities, research institutes and think tanks.

    APT28, which has been active for over ten years and is also known as “Fancy Bear”, is said to be under the control of the GRU, Russian military intelligence. In its first half, the CERT-FR report studies “the tactics, techniques and procedures (TTP) specific to APT28 operations since the second half of 2021.”

    The report examines how the cybercriminal group uses brute force, vulnerability and phishing attacks from compromised trusted accounts. “The attackers reduce detection risks by compromising poorly-monitored devices at the peripheries of networks (routers, gateways, email servers, firewalls etc.),” explains ANSSI.

    In the second half, ANSSI lists ways to defend against these attacks. The report recommends systematically using end-to-end encryption in email exchanges, and opting for a secure file exchange platform. ANSSI also advises organizations to frequently change sensitive passwords and train their teams in regard to phishing risks.

    The Editorial Team
    11.01.23
    Articles by the same author:
    1
    04.23.24 Secops
    Akamai to buy Noname Security for 500 million dollars
    Read
    01
    MIN
    2
    04.10.24 Cyber +
    Cahiers inCyber : “In Cloud We Trust”
    Read
    01
    MIN
    3
    03.05.24 Digital Sovereignty
    Government administration: France and Germany join forces to develop sovereign tools
    Read
    02
    MIN
    4
    03.05.24 Cyber stability
    Israel-Hamas cyberwar : Google emphasizes key role of Iran
    Read
    02
    MIN
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Tech giants make commitment against political deepfakes
    Risks management
    03.05.24 Risks management
    Next article
    Tech giants make commitment against political deepfakes
    Read
    02
    MIN
    Image Vulnerability identified in Rhysida ransomware
    Risks management
    03.05.24 Risks management
    Next article
    Vulnerability identified in Rhysida ransomware
    Read
    02
    MIN
    Image State-sponsored cybercriminals using ChatGPT
    Risks management
    03.04.24 Risks management
    Next article
    State-sponsored cybercriminals using ChatGPT
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.