Loading...
Loading...
Browse all stories on DeepNewz
VisitAWS Disrupts Russian APT29 Cyber Operation Using Malicious RDP Files to Steal Sensitive Data from Ukraine
Oct 26, 2024, 04:30 AM
Amazon Web Services (AWS) has taken action against domains associated with the Russian cyber espionage group APT29, which were reportedly used in a campaign to steal sensitive data. The AWS security team, in collaboration with the Ukrainian Computer Emergency Response Team (CERT-UA), identified that APT29 had been mimicking AWS to harvest Windows credentials from targets in Ukraine. This operation involved malicious Remote Desktop Protocol (RDP) files and was part of a broader phishing effort aimed at Ukrainian entities. CERT-UA has issued warnings regarding sophisticated email attacks utilizing these RDP files to breach sensitive systems in the region. The coordinated effort by AWS and CERT-UA aims to disrupt these malicious activities and protect against further cyber threats.
View original story
Markets
No • 50%
Yes • 50%
Reports from cybersecurity firms or CERT-UA confirming new attacks
Yes • 50%
No • 50%
Official announcements from AWS or CERT-UA confirming the disruption
No • 50%
Yes • 50%
CERT-UA official communications or public warnings
Microsoft • 25%
Other • 25%
IBM • 25%
Google • 25%
Official announcements from CERT-UA or the collaborating entity
Other • 25%
Phishing • 25%
Malware • 25%
Ransomware • 25%
Cybersecurity reports detailing APT29's methods
Government • 25%
Finance • 25%
Energy • 25%
Healthcare • 25%
Cybersecurity analysis reports on APT29 attack patterns