Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
Russian APT targets diplomats via ISP-Level malware campaign
Russian state-sponsored group Secret Blizzard has been deploying custom malware, ApolloShadow, against diplomatic personnel in Moscow using adversary-in-the-middle (AitM) attacks. The campaign exploits ISP-level access, likely enabled by Russia’s domestic surveillance system SORM, to redirect victims through captive portals and install fake root certificates. Once activated, the malware modifies system settings, creates a persistent admin account, and enables file sharing. Microsoft urges organizations to use encrypted tunnels, apply least privilege principles, and implement strong cybersecurity measures to mitigate risk.
Read more:
Informing your decisions with actionable intelligence
Informing your decisions with actionable intelligence