Russian BlueDelta (Fancy Bear) uses PDFs to steal logins in just 2 seconds, targeting energy and research professionals globally.

Read: https://hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/

#BlueDelta #FancyBear #Phishing #CyberSecurity #Russia

Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds


GRU-Linked BlueDelta Evolves Credential Harvesting

Insikt Group reveals how GRU-linked BlueDelta evolved credential-harvesting campaigns targeting government, energy, and research organizations across Europe and Eurasia.

BlueDelta’s Persistent Campaign Against UKR.NET

Discover how Russia’s BlueDelta targets UKR.NET users with advanced credential-harvesting campaigns, evolving tradecraft, and multi-stage phishing techniques.

Colleagues of mine just published a report on the evolution of GRU's #BlueDelta operational #infrastructure targeting networks across Europe with information-stealing #Headlace malware and credential-harvesting web pages: https://www.recordedfuture.com/grus-bluedelta-targets-key-networks-in-europe-with-multi-phase-espionage-camp
GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Camp | Recorded Future

Discover BlueDelta’s (APT28, FANCY BEAR, Forest Blizzard) strategic espionage tactics in Europe. Learn more.

My colleagues, in partnership with Ukraine's CERT-UA, uncovered a campaign by #BlueDelta (overlaps with #apt28) targeting high-profile entities in #Ukraine. The campaign compromised vulnerable Roundcube servers through #CVE-2020-35730, without engaging with the attachment, to run reconnaissance and exfiltration scripts, redirecting incoming emails and gathering session cookies, user information, and address books. For more details: https://www.recordedfuture.com/bluedelta-exploits-ukrainian-government-roundcube-mail-servers
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities | Recorded Future

A new report details a campaign by the threat actor, BlueDelta, likely intended to enable intelligence-gathering to support Russia’s invasion of Ukraine.