Home/Tag/Apt28

Apt28

5 articles tagged with "Apt28"

Threat Intelligence4 min read

AI Knowledge Graphs Transform APT Threat Intelligence

SANS researchers demonstrate how open-source AI tools extract actionable relationships from unstructured threat reports, mapping GRU and APT28 TTPs in interactive visualizations.

Alex KowalskiFeb 13, 2026

Threat Intelligence4 min read

APT28 Targets European Maritime Sector via Office Flaw

Russia's APT28 exploited CVE-2026-21509 to hit maritime and transport organizations across nine countries, with shipping firms making up 35% of targets.

Alex KowalskiFeb 5, 2026

Threat Intelligence3 min read

APT28 Weaponized Office Zero-Day in Three Days Flat

Operation Neusploit saw Russia's APT28 exploit CVE-2026-21509 against 60+ Ukrainian targets within 72 hours of Microsoft's disclosure, delivering MiniDoor and BEARDSHELL backdoors.

Alex KowalskiFeb 5, 2026

Threat Intelligence4 min read

Russia's Fancy Bear Running Low-Cost Credential Theft Across Three Continents

Recorded Future tracks APT28 harvesting credentials from energy, defense, and government targets in the Balkans, Middle East, and Central Asia using free hosting infrastructure.

Alex KowalskiJan 22, 2026

Threat Intelligence4 min read

Russia's APT28 Harvests Credentials Across Balkans and Central Asia

Fancy Bear campaigns from February through September 2025 targeted energy, defense, and policy organizations using fake VPN and email login pages.

Alex KowalskiJan 11, 2026