Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans

October 22, 2024 at 02:15PM A new phishing campaign targets Russian-speaking users, using the Gophish toolkit to distribute DarkCrystal RAT and PowerRAT trojans. Attackers employ malicious documents and HTML links to trigger infections that allow remote access and data exfiltration. The evolving threats emphasize advanced techniques to evade detection and enhance malware effectiveness.

Russian-Linked Hackers Target Eastern European NGOs and Media

August 15, 2024 at 08:57AM Russian and Belarusian NGOs, media, and international organizations in Eastern Europe are targeted by spear-phishing campaigns linked to Russian government interests. One campaign, River of Phish, is attributed to a collective with ties to Russia’s Federal Security Service, while the second, COLDWASTREL, uses similar tactics. The attacks employ personalized social …

U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban

June 22, 2024 at 02:18AM The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on 12 senior leaders of Kaspersky Lab after the company was banned by the Commerce Department over national security concerns. The sanctions do not extend to the company itself or its founder. Russia has criticized the …

Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan

June 4, 2024 at 12:06PM Russian organizations have been targeted in cyber attacks delivering a Windows version of the Decoy Dog malware by the HellHounds group. The advanced persistent threat (APT) group compromises organizations, remaining undetected for years. The malware includes a custom variant of the open-source Pupy RAT and is designed to maintain covert …

Russia’s Sandworm – not just missile strikes – to blame for Ukrainian power blackouts

November 9, 2023 at 03:07AM Russian cyberattack group Sandworm was responsible for the coordinated cyberattack and power outage in Ukraine last year, according to Mandiant’s threat intel team. The attack targeted a power plant, compromising its operational technology (OT) environment through a hypervisor hosting a supervisory control and data acquisition (SCADA) management instance. Sandworm executed …