Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Russian BlueDelta (Fancy Bear) uses PDFs to steal logins in just 2 seconds, targeting energy and research professionals globally.

Read: hackread.com/russian-blue...

#BlueDelta #FancyBear #Phishing #CyberSecurity #Russia

Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds New research from Recorded Future reveals how Russian state hackers (BlueDelta) are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims.

Alert: BlueDelta hackers intensify phishing attacks on Microsoft OWA, Google, and Sophos VPN users. Stay vigilant and implement MFA. #CyberSecurity #PhishingAlert #BlueDelta Link: thedailytechfeed.com/bluedelta-la...

GRU-Linked BlueDelta Evolves Credential Harvesting Insikt Group reveals how GRU-linked BlueDelta evolved credential-harvesting campaigns targeting government, energy, and research organizations across Europe and Eurasia.

Today, we released new @RecordedFuture research detailing BlueDelta’s expanded credential-harvesting activity observed between February and September 2025. #BlueDelta #APT28 #FANCYBEAR #ForestBlizzard #FROZENLAKE #ITG05 #PawnStorm #Sednit #Sofacy #TA422 (1/5) www.recordedfuture.com/research/gru...

Russian state-sponsored hackers, BlueDelta, are targeting Ukrainian webmail users with sophisticated credential theft campaigns. Stay vigilant and secure your accounts. #CyberSecurity #BlueDelta #Ukraine Link: thedailytechfeed.com/bluedelta-la...

BlueDelta’s Persistent Campaign Against UKR.NET Discover how Russia’s BlueDelta targets UKR.NET users with advanced credential-harvesting campaigns, evolving tradecraft, and multi-stage phishing techniques.

Today, we released new @RecordedFuture research detailing BlueDelta’s sustained credential-harvesting campaign targeting UKR.NET users between June 2024 and April 2025. www.recordedfuture.com/research/blu...
#BlueDelta #APT28 #FANCYBEAR #ForestBlizzard #FROZENLAKE #PawnStorm #Sednit #Sofacy (1/5)

APT28 Operation Phantom Net Voxel APT28 Operation Phantom Net Voxel: weaponized Office lures, COM-hijack DLL, PNG stego to Covenant Grunt via Koofr, BeardShell on icedrive.

Great work by Sekoia uncovering new #BlueDelta #APT28 #Sofacy #FancyBear #ForestBlizzard #TAG110 malware samples. Linked to CERT-UA’s BeardShell & Covenant frameworks + revealed fresh weaponized docs & subtle TTPs. Activity ties to Russia-nexus ops incl. Double-Tap. blog.sekoia.io/apt28-operat...

#CybersecurityAwareness
#TechniquesTacticsProcedures
#TTPs
#BestPractices
#CybersecurityAdvisory

#EDR
#EndpointDetectionAndResponse
#IndicatorsOfCompromise
#IOCs
#ReconnaissanceActivities
#Unit26165
#APT28
#FancyBear
#ForestBlizzard
#BlueDelta

#CSOLife

This 👇 💯❗️📣⚠️

Russia-Aligned TAG-110 Targets Asia and Europe with HATVIBE and CHERRYSPY TAG-110, a Russia-aligned threat group, targets organizations across Asia and Europe using HATVIBE and CHERRYSPY malware for espionage. Learn how Recorded Future's analysis uncovers the group’s tactic...

A new TAG-110 report, including victimology and recent C2 infrastructure, has just landed. #TAG110 #BlueDelta #APT28 www.recordedfuture.com/research/rus...