Rosyjski wywiad atakuje

👀 Tak to już jest, że zawsze w oceanie znajdzie się jakaś większa ryba. Gdy na liście ofiar cyberszpiegów są partie polityczne, ambasady, prezydent Stanów Zjednoczonych, FBI i NSA, Pentagon czy NASA, a to jedynie mały wycinek listy, to brzmi tak abstrakcyjnie, że aż niewiarygodnie. Źródła: ❗️Advanced Persistent Threats: Attack Stages, Examples, and Mitigation https://www.hackerone.com/knowledge-center/advanced-persistent-threats-attack-stages-examples-and-mitigation 🔎 The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor https://securelist.com/the-miniduke-mystery-pdf-0-day-government-spy-assembler-0x29a-micro-backdoor/31112/ 👻 OPERATION GHOST. The Dukes aren’t back — they never left https://web-assets.esetstatic.com/wls/2019/10/ESET_Operation_Ghost_Dukes.pdf 📧 Official: Russia suspected in Joint Chiefs email server intrusion https://edition.cnn.com/2015/08/05/politics/joint-staff-email-hack-vulnerability/ 🧑🏻‍⚖️ CrowdStrike’s work with the Democratic National Committee: Setting the record straight https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/ 👣 Following the Links From Russian Hackers to the U.S. Election https://www.nytimes.com/interactive/2016/07/27/us/politics/trail-of-dnc-emails-russia-hacking.html 🇳🇴 Norway: Russian hackers hit spy agency, defense, Labour party https://eu.usatoday.com/story/news/2017/02/03/norway-russian-hackers-hit-spy-agency-defense-labour-party/97441782/ 🚨 Russian hackers breached Dutch police systems in 2017 https://therecord.media/russian-hackers-breached-dutch-police-systems-in-2017 🦠 Advisory: APT29 targets COVID-19 vaccine development https://www.ncsc.gov.uk/files/Advisory-APT29-targets-COVID-19-vaccine-development.pdf 🥷 Russian hack was ‘classic espionage’ with stealthy, targeted tactics https://www.washingtonpost.com/technology/2020/12/14/russia-hack-us-government/ 🦾 SolarWinds is ‘largest’ cyberattack ever, Microsoft president says https://www.politico.eu/article/solarwinds-largest-cyberattack-ever-microsoft-president-brad-smith/ 🔓 Unauthorized Access of FireEye Red Team Tools https://www.mandiant.com/resources/blog/unauthorized-access-of-fireeye-red-team-tools 👨‍💼 Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak https://edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.htm 🕵🏻 RSAConference. SolarWinds: What Really Happened? https://www.rsaconference.com/library/presentation/usa/2021/solarwinds-what-really-happened 🔑 APT29 @ malpedia https://malpedia.caad.fkie.fraunhofer.de/actor/apt29 📄 FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government https://www.whitehouse.gov/briefing-room/statements-releases/2021/04/15/fact-sheet-imposing-costs-for-harmful-foreign-activities-by-the-russian-government/ Relevant xkcd: https://xkcd.com/1573/ © Wszystkie znaki handlowe należą do ich prawowitych właścicieli. ❤️ Dziękuję za Waszą uwagę. Znajdziecie mnie również na: Instagramie @mateuszemsi https://www.instagram.com/mateuszemsi/ Twitterze @MateuszChrobok https://twitter.com/MateuszChrobok Mastodonie https://infosec.exchange/@mateuszchrobok LinkedInie @mateuszchrobok https://www.linkedin.com/in/mateuszchrobok/ Patronite @MateuszChrobok https://patronite.pl/MateuszChrobok Podcasty na: Anchor https://anchor.fm/mateusz-chrobok Spotify https://open.spotify.com/show/6y6oWs20HwRejktOWHTteR Apple Podcasts https://apple.co/3OwjvOh Rozdziały: 00:00 Intro 01:13 APT 03:39 Kalendarium 09:58 SolarWinds 21:39 Atrybucja 23:30 Co Robić i Jak Żyć? #APT #Rosja #cyberbezpieczeństwo #szpiegowanie #służby https://www.youtube.com/watch?v=pwqzZjesS_U