"This activity demonstrates how exploited vulnerabilities in widely used network devices can be leveraged by sophisticated hostile actors. We strongly encourage organizations and network defenders to familiarise themselves with the techniques described in the advisory and to follow the mitigation advice."
"Fancy Bear typically reroutes victims searching for commonly visited services such as Outlook to websites under its control. Victims are instead served an Outlook copycat page, into which they unwittingly enter their legitimate credentials to access the service."
The UK's National Cyber Security Centre warns about Russia's APT28 group targeting small office and home office routers to steal sensitive information. By exploiting vulnerabilities, APT28 alters DNS settings, redirecting users to fake websites that mimic legitimate services like Outlook. This tactic can also affect downstream devices, increasing exposure to malicious connections. The NCSC has monitored these activities since 2021, noting that while the attacks are sophisticated, they appear opportunistic rather than focused on high-value targets. Organizations are urged to follow mitigation advice to protect their networks.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]