Russia targets Ukrainian conscripts with Windows, Android malware

October 28, 2024 at 02:41PM
A hybrid espionage campaign by Russian group UNC5812 targets Ukrainian military recruits with malware disguised as a “recruitment avoidance” app, “Sunspinner.” It spreads via a fake “Civil Defense” persona on Telegram. Google has implemented protective measures but highlights ongoing cyber-warfare threats. Malware includes data theft and spying tools. Meeting Takeaways: …

Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware

October 9, 2024 at 07:37PM
The cyberespionage group GoldenJackal hacked air-gapped government and diplomatic PCs using custom malware twice, targeting a European government from May 2022 to March 2024 and a South Asian embassy in 2019. This Russian-speaking group has developed sophisticated tools over several years, employing various infection methods for data theft. Meeting …

UK and allies expose Russian FSB hacking group, sanction members

December 7, 2023 at 11:40AM
The UK and US warn of Russian state-aligned Callisto Group’s global spear-phishing attacks targeting data and credentials. Active since 2015, Callisto employs sophisticated social engineering and cyber tactics, recently shifting techniques to evade detection. Two group members have been sanctioned for undermining UK democracy. Meeting Takeaways: 1. The Russian state-backed …

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

December 5, 2023 at 03:12AM
Microsoft identified activity by Russian-supported threat group Forest Blizzard (also known as APT28 and other names) exploiting a severe Outlook security flaw, CVE-2023-23397, to access email accounts on Exchange servers. The group targeted various sectors and used the bug to maintain unauthorized mailbox access. Microsoft patched the bug in March …

Today’s ‘China is misbehaving online’ allegations come from Google, Meta

November 30, 2023 at 10:06PM
Meta reported it removed over 4,700 Facebook accounts engaged in inauthentic behavior, with some China-related content targeting India and Tibet. Google noticed increased sophisticated cyberattacks from China against Taiwan and various industries, tracking over 100 Beijing-backed groups. Both companies suggest China’s active use of cyber strategies to further its interests …