Blog
Share This Post
[ad_1]
Newly discovered nearest neighbor targeting, or the compromise of neighboring Wi-Fi networks, had been leveraged by Russian state-backed threat operation APT28 — also known as Fancy Bear, Sofacy, Forest Blizzard, and Gruesome Larch — to remotely infiltrate the enterprise Wi-Fi network of a U.S. organization working with Ukraine more than two years ago, reports BleepingComputer.
After unsuccessfully exploiting the targeted organization’s Wi-Fi credentials obtained via password spraying attacks due to multi-factor authentication, APT28 resorted to breaching other entities in close proximity before discovering a device within range of the original target, according to a Volexity analysis. Researchers also noted attackers’ exploitation of a remote desktop connection to facilitate lateral network movement and data exfiltration. “Volexity further determined that GruesomeLarch was actively targeting Organization A in order to collect data from individuals with expertise on and projects actively involving Ukraine,” said Volexity researchers, who noted the findings to emphasize the importance of more robust protections for corporate Wi-Fi networks.
Get essential knowledge and practical strategies to fortify your network security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
