"Fancy Bear was able to steal data such as login credentials, passwords and access tokens from personal web and email services belonging to their victims in a so-called adversary-in-the-middle (AiTM) attack."
"This activity demonstrates how exploited vulnerabilities in widely used network devices can be leveraged by sophisticated hostile actors."
"The NCSC will continue to expose Russian malicious cyber activity and provide practical guidance to help protect UK networks."
The UK's National Cyber Security Centre and Microsoft revealed a DNS hijacking campaign by Russian cyber intelligence services, specifically APT28, targeting consumer and small office routers. This campaign involved altering router settings to reroute internet traffic through malicious servers, enabling data theft, including login credentials and passwords. The operation was opportunistic, affecting over 200 organizations and 5,000 consumer devices since August 2025. The NCSC emphasized the need for organizations to understand these techniques and follow mitigation advice to protect their networks from such threats.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]