Briefings are running a touch slower this week while we rebuild the foundations.See roadmap

Timeline

APT28

Russian GRU military intelligence cyber unit; attributed with DNS-hijacking home routers to steal Microsoft 365 credentials.

8 of 8 entries (4 events, 4 interactions)

Filters

EventsMentionsInteractions

#223 Apr

Sixteen agencies put IOC extinction in print

Cybersecurity: Threats and Defences

#223 Apr

Mentioned in: Norway joins the Salt Typhoon victim list

Cybersecurity: Threats and Defences

#17 Apr

Exploited SOHO routers to hijack DNS and harvest Microsoft 365 OAuth tokens via adversary-in-the-middle attacks since 2024

Cybersecurity: Threats and Defences: GRU hijacks home routers for M365 logins

#17 Apr

Attacked→

“exploited soho router”

Cybersecurity: Threats and Defences · source event

#17 Apr

Attacked→

“exploited soho router”

Cybersecurity: Threats and Defences · source event

#16 Apr

Published by←

“issued coordinated psa”

Cybersecurity: Threats and Defences · source event

#16 Apr

Published by←

“published attribution advisory”

Cybersecurity: Threats and Defences · source event

#131 Mar

Targeted messaging app accounts of high-risk individuals using contact impersonation techniques

Cybersecurity: Threats and Defences: Signal, WhatsApp hit by three states

← Back to APT28