Facebook Twitter Instagram
    The Conservative NutThe Conservative Nut
    • Home
    • Latest News
    • Politics
    • Videos
    • Events
    • Others
      • Entertainment
      • Technology
      • Science
      • Business
    Subscribe
    The Conservative NutThe Conservative Nut
    Home » SolarWinds: Russian spies also targeted French entities
    Technology

    SolarWinds: Russian spies also targeted French entities

    By Lockie TicknerDecember 9, 20212 Mins Read
    solarwinds:-russian-spies-also-targeted-french-entities

    The Anssi has observed several phishing campaigns against French entities since February 2021, whose technical markers correspond to the modus operandi of Nobelium, the group to which the resounding SolarWinds affair is attributed. in the United States last year, AFP reports.

    “ These campaigns made it possible to compromise the email accounts of French organizations, and to send to from these accounts e-mails tricked to foreign institutions in the diplomatic sector , ”says his report. “ In addition, French public organizations have also been the recipients of trapped messages from supposedly compromised foreign institutions “.

    These malicious activities are the result of the same attacker modus operandi (MOA), which compromises the email accounts of trusted entities to send its phishing emails.

    In these is an HTML attachment, named “ EnvyScout “, containing a Google Drive link that the user had to open to download the code malicious and execute the Cobalt Strike payload.

    The infrastructure used by Nobelium in the attacks against French entities was mainly set up using virtual private servers (VPS) from different hosts (favoring OVH servers and located near the target countries), specifies Bleeping Computer.

    The ANSSI report details the technical information related to phishing campaigns, the nature of the activities observed malware, TTPs and attackers’ infrastructure.

    Recommendations and indicators of compromise are available at the end of the document, recommending to “ not to execute questionable files “, and to “ apply enhanced security measures ” to Active Directory servers.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Lockie Tickner

      Related Posts

      How to activate new verizon iphone

      January 7, 2024

      How to install your own wireless router with verizon fios

      January 2, 2024

      Where is the wps button on verizon fios router

      January 2, 2024

      Which router works with verizon fios

      January 2, 2024

      How to set up a second router on verizon fios

      January 2, 2024

      What router can I use with verizon fios

      January 2, 2024
      Add A Comment

      Comments are closed.

      Don't Miss
      Bill Assistance

      How to get free stuff from aldi

      February 20, 2024

      Source: content-images.thekrazycouponlady.com Best Time to Shop at Aldi for Free Stuff Shop on Wednesdays for…

      Unreal Mobile APN Settings 2024

      February 20, 2024

      Aps Yavapai County, Arizona Community Action Agency Assistance Programs

      February 20, 2024

      Nv Energy Washoe County, Nevada Utility Bill Assistance Program

      February 20, 2024
      Stay In Touch
      • Facebook
      • Twitter
      • Pinterest
      • Instagram
      • YouTube
      • Vimeo
      Facebook Twitter Instagram Pinterest
      • About Us
      • Contact Us
      • Advertise With Us
      • Editorial Policy
      • Privacy Policy
      • Affiliate Disclosure
      • Authors
      • Terms of service
      © 2024 TCN

      Type above and press Enter to search. Press Esc to cancel.