APT29
-
SEC asks court to dismiss lawsuit against SolarWinds and its CISO
The SEC moved to voluntarily dismiss its enforcement action against SolarWinds and CISO Timothy G. Brown on Nov. 20, 2025. The agency had accused the company of overstating its cybersecurity practices and failing to disclose risks related to the 2020 supply-chain compromise, but many allegations were previously dismissed by a federal court.
-
Amazon says APT29 attempted watering-hole attack to harvest Microsoft credentials; AWS says no systems affected
Amazon said it disrupted an APT29 watering-hole campaign aimed at harvesting Microsoft credentials, stressing that no AWS systems were compromised. The operation used spoofed Cloudflare pages and randomized redirects to trick users, with Google Threat Intelligence and AWS detailing evasion techniques and previous similar activity.
-
Russian APT29 Launches New Phishing Campaign Targeting Embassies with Sophisticated Malware
Russian state-sponsored group Midnight Blizzard, also known as APT29, has launched a highly targeted phishing campaign against European embassies, utilizing a new malware loader named GrapeLoader and an evolved version of the WineLoader backdoor. Experts from Check Point Research warn that these developments require advanced multi-layered defenses to counteract the increased sophistication of this cyber…



