View Post

SOFACY in Poland

In Uncategorized by Jeff Pelliccio

SOFACY is Russian backed advanced persistent threat group (APT) also known at APT28 / Fancy Bear who has been operating since 2008. Fancy Bear typically targets government, defense, energy, media, and aerospace organizations globally. In the first half of 2018 and latter part of 2017, the group has been particularity active.  Recently Hexcapes observed some samples in the wild targeting …

View Post

VPN Filter: Resurrected

In Uncategorized by Jeff Pelliccio

On Friday June 1st 2018, JASK and GreyNoise Intelligence revealed their security researchers had detected the same threat actor responsible for the VPNFilter botnet attacks. Fancy Bear / APT28  was attempting to resurrect their cyber campaign after being taken down by the FBI by building a new botnet infrastructure to support more VPNFilter attacks.  Although there have been over 54 countries …