Advanced Persistent Threat (APT) Group: Dragonfly / Energetic Bear / Crouching Yeti
Status: ONGOING

Current US-CERT Alert: TA18-074A
Attack Vectors: Spear-phishing emails, watering hole domains, and Trojans (including but not limited to TCP exploitation, hacking of insecure (non-2FA) credentials, web shells, and remote access).
Targets: ICS and SCADA infrastructure; in other words, intelligence gathering and sabotage.
Mitigation Techniques: Follow the US-CERT Alert bulletin linked above.
First noticed: At least December 2015 for the current campaign; 2011-2014 for the previous campaign
Last Update: March 2018
Other Notes: Source of attacks linked to the Kremlin APT.
Resources: US-CERT Bulletin TA18-074A - Symantec Analysis