this post was submitted on 16 Apr 2025
12 points (92.9% liked)

  • Check Point Research has been tracking an advanced phishing campaign conducted by APT29, a Russia-linked threat group, which is targeting diplomatic entities across Europe.
  • The campaign, which appears to be a continuation of a previous one that utilized a backdoor known as WINELOADER, impersonates a major European foreign affairs ministry to distribute fake invitations to diplomatic events—most commonly, wine tasting events.
  • This campaign employs a new loader, called GRAPELOADER, which is downloaded via a link in the phishing email. In addition, we discovered a new variant of WINELOADER which is likely used in later stages of the campaign.
  • While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool used for fingerprinting, persistence, and payload delivery. Despite differing roles, both share similarities in code structure, obfuscation, and string decryption. GRAPELOADER refines WINELOADER’s anti-analysis techniques while introducing more advanced stealth methods.
[–] TabbsTheBat@pawb.social 1 points 6 days ago

I already know one politician in my country who's falling for this.. if the last 4 he fell for already weren't it x3