Sean McKeown there's no evidence that Papadop was in communication with hackers.
Also, as I observed above, APT28 were identified BEFORE any exfiltration and BEFORE vast majority of emails even sent.
Get ready for Empire Operation: Tactics (APT28) course at @Defcon! Master the use of APT TTPs using Empire! Explore Fancy Bear's 2021 campaign and learn skills to enhance your red team operations! #defcontraining
Register: training.defcon.org/products/antho…
Back at #CYBERUK23 , we released an advisory with our US partners to help organisations counter malicious activity used by Russian cyber actors to exploit poorly maintained Cisco routers.
Read the advisory⤵️
ncsc.gov.uk/news/uk-and-us…
Russia's APT28 targets Ukraine government with bogus Windows updates nn itsecuritynews.info/russias-apt28-… #IT_securitynews
APT28 Targets Ukrainian Government Entities with Fake Windows Update Emails securecybersolution.com/apt28-targets-… #Sec_Cyber
Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies nn itsecuritynews.info/russia-linked-… #IT_securitynews
APT28 Employs Windows Update Lures to Trick Ukrainian Targets nn itsecuritynews.info/apt28-employs-… #IT_securitynews
SunniPulse🇵🇸 Korobochka (コロボ) 🇺🇸✝️🇷🇺 ALLANITE,APT28,APT29, Dragonfly, Ember Bear , FIN5,Gamaredon Group, GCMAN,Indrik Spider,Nomadic Octopus, Sandworm Team,TEMP.Veles,Turla,Wizard Spider, fancy bear, killnet, gru,Cozy Bear,DCLeaks,Vice Society,Wizard Spider. This are not all of them. Killnet is composed by 100k guys
Threat actor APT28 targets Cisco routers with an old vulnerability nn itsecuritynews.info/threat-actor-a… #IT_securitynews
Russia's APT28 Targets Ukraine With Bogus Windows Updates nn itsecuritynews.info/russias-apt28-… #IT_securitynews
Smith Germán Fernández Luigi Martire JAMESWT First of all Gamaredon aka Primitive Bear isn't APT28.
Hunting on VT.