This is a technical advisory on the threat actor APT28, written for the network defender community. It provides an overview of the actor and information about associated malware and tooling, with indicators of compromise and signatures that can be used to detect potential presence of the actor on a network. It concludes with mitigation guidelines for protecting networks against activity by APT28 and other hostile actors.
Menu