
The Cyber Security News


Pro-Russian Winter Vivern APT Targets Governments and Telecom Firm

March 17, 2023

The Russia-aligned advanced persistent threat (APT) known as Winter Vivern has been observed conducting espionage campaigns targeting government organizations and a private telecommunications company.

Security researchers at SentinelOne shared details about the new campaign in an advisory published on Thursday. The APT's activity was first identified by DomainTools in early 2021 and then further described by Lab52 months later.

“The group has prevented public disclosure since then, until modern attacks focusing on Ukraine,” wrote threat researcher Tom Hegel in the SentinelOne advisory. “An element of a Winter Vivern campaign was reported in new weeks by the Polish CBZC, and then the Ukraine CERT as UAC-0114.”

According to Hegel, Winter Vivern’s activity aligns with the global objectives and interests of the Belarusian and Russian governments.

“Recently joined campaigns expose that Winter Vivern has qualified Polish government businesses, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of International Affairs and men and women inside the Indian authorities,” reads the advisory. “Of certain fascination is the APT’s targeting of private firms, like telecommunications organizations, that assist Ukraine in the ongoing war.”

Further, Hegel stated that Winter Vivern used techniques tailored to the targeted organization to raise the likelihood of successfully luring victims through phishing and the deployment of malicious documents.

“Winter Vivern’s tactics have provided the use of malicious documents, often crafted from reliable governing administration paperwork publicly accessible or personalized to specific themes,” wrote the malware researcher. “More recently, the group has used a new lure method that entails mimicking authorities domains to distribute destructive downloads.”

Because of this ability to lure targets into attacks, the SentinelOne team considers the APT to be a “formidable force” in the cyber domain.

“Their potential to entice targets into the attacks and their targeting of governments and large-worth private enterprises reveal the degree of sophistication and strategic intent in their operations,” Hegel wrote.

The SentinelOne advisory comes days after security experts pointed out that Russia’s cyber tactics in Ukraine were observed shifting to focus on espionage.


Some parts of this article are sourced from:
www.infosecurity-magazine.com
