Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

October 19, 2024 at 03:54AM A new threat group named Crypt Ghouls is targeting Russian businesses and government agencies with ransomware attacks aimed at disruption and financial gain. They utilize various tools and exploit contractor credentials via VPNs. The ransomware used includes LockBit 3.0 and Babuk, complicating the identification of specific malicious actors. …

Poland’s Cybersecurity Experts Foil Russian and Belarussian Attacks

September 9, 2024 at 10:03PM Poland’s security officials have thwarted cyberattacks and online blackmail attempts by groups affiliated with Russian and Belarusian services. They have recorded up to 1,000 daily online attacks targeting government institutions, linked to their support for Ukraine. More than 400,000 cyberattacks were recorded in the first half of 2024, prompting the …

Hackers posing as Ukraine’s Security Service infect 100 govt PCs

August 12, 2024 at 02:15PM Impersonating the Security Service of Ukraine, attackers used malicious emails to target government agencies, infecting over 100 computers with AnonVNC malware. The emails included a link to a malicious attachment, and the attacks began in July 2024. This incident adds to a series of cyber attacks targeting Ukraine, including the …

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

August 12, 2024 at 12:27AM Russian government and IT organizations are targets of a spear-phishing campaign, codenamed EastWind. The attack deploys backdoors and trojans through booby-trapped LNK files, leveraging DLL side-loading techniques. Malware variants GrewApacha, CloudSorcerer, and PlugY are used for espionage, exfiltration, and data theft via various platforms including Dropbox and GitHub. Additionally, a …

Mandiant Highlights Russian and Chinese Cyber Threats to NATO on Eve of 75th Anniversary Summit

July 8, 2024 at 02:28PM Cyber threats against NATO are on the rise, with primary adversaries being Russian and Chinese nation state actors, financially motivated criminal activity, and ideologically driven hacktivists. APT29, COLDRIVER, and APT44 are Russian state actors involved in cyber espionage and hybrid warfare. Chinese espionage has focused on using zero-day vulnerabilities and …

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor

June 22, 2024 at 07:54AM ExCobalt, a cybercrime gang, is targeting Russian organizations with a new Golang-based backdoor called GoRed. The group engages in cyber espionage, using various sophisticated tools to attack sectors like government, IT, metallurgy, and telecommunications. ExCobalt demonstrates a high level of activity, constantly improving techniques and flexibly adapting its toolset to …

Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure

April 15, 2024 at 09:54AM Cybersecurity firm Claroty analyzed Fuxnet, an ICS malware used by Ukrainian hackers in attacks on Russian infrastructure. Hacker group Blackjack allegedly caused damage and exfiltrated data, claiming to disable Russia’s industrial sensor infrastructure. Claroty confirmed Fuxnet targeted 500 sensor gateways in Moscow, attempting physical destruction but likely not harmful to …

State-Backed Hackers a Threat to Australia, Agency Warns

November 15, 2023 at 05:39AM Australia’s signals intelligence agency has warned that the country faces an ongoing threat from state-sponsored hackers, particularly from Russia and China. The agency highlighted the danger of cyberattacks on critical infrastructure, such as water supplies and electricity grids. The recently formed AUKUS defense pact with the UK and US could …