this post was submitted on 17 Sep 2024
285 points (98.3% liked)

News

23259 readers
3263 users here now

Welcome to the News community!

Rules:

1. Be civil


Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.


2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.


Obvious right or left wing sources will be removed at the mods discretion. We have an actively updated blocklist, which you can see here: https://lemmy.world/post/2246130 if you feel like any website is missing, contact the mods. Supporting links can be added in comments or posted seperately but not to the post body.


3. No bots, spam or self-promotion.


Only approved bots, which follow the guidelines for bots set by the instance, are allowed.


4. Post titles should be the same as the article used as source.


Posts which titles don’t match the source won’t be removed, but the autoMod will notify you, and if your title misrepresents the original article, the post will be deleted. If the site changed their headline, the bot might still contact you, just ignore it, we won’t delete your post.


5. Only recent news is allowed.


Posts must be news from the most recent 30 days.


6. All posts must be news articles.


No opinion pieces, Listicles, editorials or celebrity gossip is allowed. All posts will be judged on a case-by-case basis.


7. No duplicate posts.


If a source you used was already posted by someone else, the autoMod will leave a message. Please remove your post if the autoMod is correct. If the post that matches your post is very old, we refer you to rule 5.


8. Misinformation is prohibited.


Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.


9. No link shorteners.


The auto mod will contact you if a link shortener is detected, please delete your post if they are right.


10. Don't copy entire article in your post body


For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 1 month ago (8 children)

Russia is not alone in its activity. Microsoft also saw efforts by a China-linked group, known as Storm-1852

rolls eyes

You give them a cool name, you make them sound cool.

Just do the plain ol' number thing. Let them do their own marketing work if they want marketing.

https://www.infosecurityeurope.com/en-gb/blog/threat-vectors/understanding-threat-actor-naming-conventions.html

While APT43’s link with the North Korean government was confirmed for the first time in the Mandiant report, the threat actor was already known by threat analysts under other names, such as Thallium, Kimsuky, Velvet Chollima, Black Banshee and STOLEN PENCIL.

This confusion comes down to each cyber threat intelligence (CTI) vendor operating its own attribution process for cyber-attacks – something we recently investigated on Infosecurity Magazine.

The most prominent threat group name is the Advanced Persistent Threat (APT). Commonly used by the whole CTI community, including US non-profit organization MITRE, which provides a standardized framework for tactics, techniques and procedures (TTPs), APT groups refer to clusters of sophisticated threat actors sponsored by, or acting on behalf of a government.

With geopolitical rather than financial motivations, APT groups typically operate cyber espionage campaigns and destructive cyber-attacks.

Once a threat actor has been confirmed to be a coherent group of hackers backed by a nation-state, the threat analysts who lead the cyber attribution allocate it a new APT number – the latest being APT43.

Other ‘sober’ naming conventions exist, consisting of codenames and numbers only. For example, APT-C groups are Chinese cybersecurity vendor 360 Security Technology’s equivalent to APT groups. APT-C numbers are sometimes used by other vendors.

Others, like MITRE’s G[XXX] (e.g. G1002) or SecureWorks’ legacy TG-[XXXX] (e.g. TG-3279), are mere identification numbers and their names do not reveal anything about the threat actor.

“We use a sober, or even dull, naming convention because we don’t want to glamorise those groups,” Collier added.

What is this, a Microsoft naming scheme?

kagis

Sounds like it.

https://blogs.microsoft.com/on-the-issues/2024/09/17/russian-election-interference-efforts-focus-on-the-harris-walz-campaign/

A Chinese-linked influence actor Microsoft tracks as Storm-1852 successfully pivoted to short-form video content that criticizes the Biden administration and Harris campaign before some of its assets disappeared from social media following reports of its activity. While most Storm-1852 personas masquerade as conservative US voters voting for Trump, a handful of accounts also create anti-Trump content and use political slogans and hashtags associated with American progressive politics.

[–] [email protected] 7 points 1 month ago (4 children)
[–] [email protected] 8 points 1 month ago* (last edited 1 month ago) (2 children)

looks at list

Microsoft's list of allocated names apparently includes:

  • Crimson Sandstorm

  • Diamond Sleet

  • Ghost Blizzard

  • Leopard Typhoon

  • Luna Tempest

  • Night Tsunami

  • Silk Typhoon

  • Star Blizzard

This does not pass my basic sniff test of being able to tell whether a name is a group from a hostile intelligence agency or the latest Razer gaming product, a cyberpunk video game gang name, or a video gaming guild name.

https://robinpiree.com/blog/guild-names

  • Twilight Vanguard

  • Crimson Shadows

That's too similar in my book.

[–] [email protected] 4 points 1 month ago (1 children)

I'm getting strong Mega Man X vibes from this.

[–] [email protected] 1 points 1 month ago

They'd probably be killer metroidvanias

[–] [email protected] 4 points 1 month ago

Is Darude Sandstorm on the list?

load more comments (1 replies)
load more comments (4 replies)