Spy v Spy: Russian APT Turla Caught Stealing from Pakistani APT

December 4, 2024 at 12:02PM Russian hackers, known as Turla, spent two years infiltrating Pakistani cyberspies, gaining access to sensitive South Asian government networks. By commandeering Pakistani command servers, Turla deployed its own malware and extracted valuable data. This operation showcases their strategy of exploiting other threat actors’ infrastructures for espionage without revealing their own …

Microsoft and DOJ disrupt Russian FSB hackers’ attack infrastructure

October 3, 2024 at 02:04PM Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target US government employees and nonprofit organizations worldwide. Linked to Russia’s FSB, the group used spear-phishing attacks to target various victims, including US-based companies and employees from intelligence and defense departments. This …

DOJ, Microsoft seize 107 domains used in Russia’s Star Blizzard phishing attacks

October 3, 2024 at 12:03PM The US Department of Justice and Microsoft cooperated to seize 107 websites used by Russian cyberspies in a phishing campaign. The targets included US government agencies, think tanks, and other victims. The action disrupted the operations of the Russian Federal Security Service (FSB) hacking unit and led to criminal charges …

US Announces Charges, Sanctions Against Russian Administrator of Carding Website

September 27, 2024 at 08:45AM The US government has offered rewards of up to $10 million for information leading to the arrest of two Russian nationals involved in operating and laundering proceeds from carding websites. Joker’s Stash, a marketplace for stolen payment card data, is estimated to have generated illegal profits in the range of …

Russian military hackers linked to critical infrastructure attacks

September 5, 2024 at 02:03PM The United States and its allies have linked Russian military intelligence hackers to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces. The hackers have been carrying out sabotage and cyberattacks in Europe and North America since 2020. The U.S. State Department announced a reward …

In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan

August 30, 2024 at 09:00AM SecurityWeek’s cybersecurity news roundup offers a concise compilation of significant stories often overlooked. This week’s highlights include Singapore’s updated OT cybersecurity masterplan, the arrest of a Russian accused of laundering cryptocurrency for North Korean hackers, developments in preventing errors in quantum computing, and several cybersecurity threats such as attacks on …

Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa

August 29, 2024 at 09:48AM Google TAG has identified evidence of Russian state-backed hackers using iOS and Chrome exploits previously associated with commercial spyware vendors NSO Group and Intellexa. These exploits have been used in high-profile corporate hacks, including a breach at Microsoft. The hackers have been observed using exploits against iOS and Android devices, …

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

August 29, 2024 at 09:05AM Between November 2023 and July 2024, the Russian state-sponsored APT29 group, also known as “Midnight Blizzard,” utilized iOS and Android exploits in cyberattacks on Mongolian government websites. Google’s Threat Analysis Group identified the group’s use of n-day flaws that remain effective on devices not updated. APT29’s exploits overlapped with those …

How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack

August 28, 2024 at 06:54AM Amid the 2016 U.S. presidential campaign, Russian hacking of Democrats sparked concerns. Investigations remained silent until a month before the election, confirming Russian interference. In 2020, officials swiftly identified Iran as the culprit of another hack, reflecting a more transparent response. Efforts to counter foreign influence include a reorganization and …

WWH-Club credit card market admins arrested after cash spending spree

August 10, 2024 at 12:28PM Two suspects, Pavel Kublitskii and Alexandr Khodyrev, were arrested in Florida for their roles in the cybercrime platform WWH-Club, known for selling stolen credit cards and offering training for cybercriminals. The two lived lavishly without evidence of legal employment, drawing law enforcement’s attention, and now face charges with possible prison …