During monitoring of the national segment of the Internet, specialists of the National Computer Emergency Response Team of the Republic of Belarus (CERT.BY) obtained samples of phishing messages distributed by malicious actors. Analysis of the recipient list showed that the primary targets of the attack were government […]
News
During the response to the incident in the national segment of the Internet, the CERT.BY team identified the activities of the Cloud Atlas APT group. In this article, we will not consider the full chain of compromise, but will present the vector of initial access to the organization.
As part of international cooperation, the National Computer Emergency Response Team (CERT.BY) of the Republic of Belarus implemented a set of measures in the first quarter of 2025 aimed at countering the spread of cyber threats and minimizing potential damage in the national segment of the Internet.
Since the end of 2023, specialists from the National Computer Incident Response Center (CERT.BY) have recorded a trend of attackers using domains that mimic legitimate ones.
As part of one of its regular investigations, the national computer emergency response team has identified an APT using malware that is unique to the Belarusian segment and can be classified as spyware with the ability to provide remote access to the attacked infrastructure. It is not easy to detect an infected system […]
In the latter half of 2023, CERT.BY together with LLC "Reliable Programs" detected five waves of phishing with "Agent Tesla" malware. The attacks were organized through email distribution in the Belarusian segment of the Internet.
A new campaign is being recorded in Bynet that sends malicious software (hereinafter referred to as malware) to users of the national segment of the Internet and infects them. The mailings are aimed at individuals, private and public sector enterprises, as well as law enforcement agencies, state bodies and organizations. […]
A second wave of Emotet Trojan infection has been identified in the national segment of the Internet. We have previously written in the news about Emotet: "Bankers Attack" and "Bankers Attack. Part 2". The Emotet Trojan which offers the transfer service, including to other families of malicious software, has been […]
The National Computer Emergency Response Team sees the use of third-party postal services in official activities as one of the main vectors of threats for state bodies and organizations. At the beginning of 2020, we recorded another campaign to send malicious software (hereinafter referred to as malware) to users of the […]