DNS
Russian Hackers Exploit Routers to Steal Credentials
The UK NCSC has published details of APT28 (Russian GRU unit 26165) exploiting routers to hijack DNS settings, enabling adversary-in-the-middle attacks that harvest passwords and OAuth tokens.
2 min readSource: NCSC-UK news