The Threat CodexMar 10
Sednit reloaded: Back in the trenches
#Sednit #SlimAgent #BeardShell #Covenant
https://www.welivesecurity.com/en/eset-research/sednit-reloaded-back-trenches/
Sednit reloaded: Back in the trenches

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Hackread.comMay 24, 2025

⚠️ Critical #XSS flaw actively exploited in Zimbra Collaboration Suite, putting over 129,000 servers at risk. Researchers suspect involvement of #Sednit (aka Fancy Bear).

Read: https://hackread.com/zimbra-cve-2024-27443-xss-flaw-hit-sednit-servers/

#CyberSecurity #Vulnerability #FancyBear #Zimbra

Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Threat CodexMay 15, 2025
Operation RoundPress
#Sednit
https://www.welivesecurity.com/en/eset-research/operation-roundpress/
Operation RoundPress targeting high-value webmail servers

ESET researchers uncover a Russia-aligned espionage operation that they named RoundPress and that targets webmail servers via XSS vulnerabilities.

Ars Technica NewsMay 15, 2025
Spies hack high-value mail servers using an exploit from yesteryear https://arstechni.ca/98Fq #cross-sitescripting #Security #webmail #Biz&IT #sednit #xss
Spies hack high-value mail servers using an exploit from yesteryear

Attacks spilled contacts and emails from targeted accounts.

Ars Technica
Marcel SIneM(S)USOct 27, 2023
Webmailer #Roundcube: Attacken auf Zero-Day-Lücke | Security https://www.heise.de/news/Webmailer-Roundcube-Attacken-auf-Zero-Day-Luecke-9343924.html #Exploit #Patchday #CyberCrime #CrossSiteScripting #XSS #APT28 #WinterVivern #Sednit #Russland #Russia #Belarus #Weissrussland #Hacking
Webmailer Roundcube: Attacken auf Zero-Day-Lücke

Im Webmailer Roundcube missbrauchen Cyberkriminelle eine Sicherheitslücke, um verwundbare Einrichtungen anzugreifen. Ein Update schließt das Leck.

heise online
ITSEC NewsSep 24, 2019
Zebrocy Retools for New Political Attacks - Researchers warn that the Russia-linked APT has freshened up their tools with an improved download... more: https://threatpost.com/zebrocy-retools-political-attacks/148593/ #spearphishing #fancybear #backdoor #phishing #malware #dropbox #zebrocy #delphi #golang #sednit #apt28
Zebrocy Retools for New Political Attacks

Researchers warn that the Russia-linked APT has freshened up their tools with an improved downloader and more.

Threatpost - English - Global - threatpost.com
Cyb3ricApr 25, 2017

Le #parti #EnMarche, de #Macron aurait été la #cible des #hackers de #FancyBear!

#France #électionsprésidentielles2017 #pirates #TrendMicro #APT28 #Sednit #USA #Russie #Poutine #GRU

http://www.liberation.fr/futurs/2017/04/24/en-marche-cible-des-hackers-de-fancy-bear_1565016