AI Knowledge Graphs Transform APT Threat Intelligence
SANS researchers demonstrate how open-source AI tools extract actionable relationships from unstructured threat reports, mapping GRU and APT28 TTPs in interactive visualizations.
5 articles tagged with "Apt28"
SANS researchers demonstrate how open-source AI tools extract actionable relationships from unstructured threat reports, mapping GRU and APT28 TTPs in interactive visualizations.
Russia's APT28 exploited CVE-2026-21509 to hit maritime and transport organizations across nine countries, with shipping firms making up 35% of targets.
Operation Neusploit saw Russia's APT28 exploit CVE-2026-21509 against 60+ Ukrainian targets within 72 hours of Microsoft's disclosure, delivering MiniDoor and BEARDSHELL backdoors.
Recorded Future tracks APT28 harvesting credentials from energy, defense, and government targets in the Balkans, Middle East, and Central Asia using free hosting infrastructure.
Fancy Bear campaigns from February through September 2025 targeted energy, defense, and policy organizations using fake VPN and email login pages.