Convicted Cybercriminals Included in Russian Prisoner Swap

August 1, 2024 at 03:42PM
Two Russian prisoners, Vladislav Klyushin and Roman Seleznev, were part of a high-profile prisoner swap between the U.S., Russia, Germany, and Western nations. Klyushin, connected to the Kremlin, was serving a 9-year sentence for a stock market cheating scheme, while Seleznev was sentenced to 27 years for hacking and stealing …

US Sanctions Russian Hacktivists for Targeting Critical Infrastructure

July 22, 2024 at 10:36AM
The US Department of Treasury imposed sanctions on Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, leaders of the Russian hacktivist group CARR, for cyberattacks targeting critical infrastructure in the US and Europe. CARR’s activities, including compromising industrial control systems, have led to significant security concerns, resulting in sanctions and asset …

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks

July 19, 2024 at 09:54AM
Two Russian nationals pleaded guilty in a U.S. court for their involvement in the LockBit ransomware scheme, facilitating attacks worldwide. Ruslan Magomedovich Astamirov and Mikhail Vasiliev were accused of deploying the ransomware, demanding and receiving millions in ransom payments. Their sentencing is set for January 8, 2025. This comes after the …

Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks

July 5, 2024 at 09:07AM
Cybercriminal activity has increased around the Euro 2024 football tournament, with over 15,000 UEFA credentials exposed on underground forums. Threat intelligence firm Cyberint warns of potential risks for fans and their employers due to stolen corporate credentials. The tournament has already been targeted by DDoS attacks and is expected to …

Ukrainian, Latvian TV Hijacked to Broadcast Russian Celebrations

May 13, 2024 at 04:04PM
Russian hackers hijacked Ukrainian TV channels to air a Victory Day parade honoring the WWII defeat of Nazi Germany. At least 15 channels were interrupted and replaced with Russian footage. Astra communication satellites owned by Luxembourg-based SES were disrupted. Ukraine urges TV broadcasters to use alternative methods. Latvian network Balticom was …

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

April 22, 2024 at 01:25PM
Microsoft warns of the Russian APT28’s GooseEgg tool exploiting a Windows Print Spooler vulnerability to escalate privileges and steal data. The group, linked to Russia’s GRU, deploys GooseEgg using Windows batch scripts, dropping a malicious DLL to gain SYSTEM-level access. GooseEgg has been used in cyber attacks against various government and …

Russian Sandworm hackers targeted 20 critical orgs in Ukraine

April 22, 2024 at 08:34AM
The Russian hacker group Sandworm, also known as BlackEnergy, Seashell Blizzard, Voodoo Bear, and APT44, carried out disruptive cyberattacks on critical infrastructure in Ukraine. The attacks targeted energy, water, and heating suppliers, exploiting weaknesses in cybersecurity practices. CERT-UA conducted counter-cyberattack operations from March 7 to March 15, 2024, and identified …

Russian Sandworm hackers pose as hacktivists in water utility breaches

April 17, 2024 at 01:13PM
Russian military intelligence-linked group Sandworm, also known as APT44, has been conducting cyber attacks by posing as hacktivist groups on multiple Telegram channels. The group employs various methods, including phishing and supply-chain compromise, to target Ukraine and other countries, with potential plans to interfere in national elections. Sandworm has transitioned …

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

April 11, 2024 at 04:36PM
CISA issued an emergency directive for federal agencies to search for signs of a Russian APT that breached Microsoft’s network. The directive requires analysis of compromised emails, resetting of credentials, and securing of Azure accounts. CISA and Microsoft notified affected federal agencies and agreed to provide metadata. The breach follows …

Russian hackers target German political parties with WineLoader malware

March 22, 2024 at 03:33PM
Researchers warn that a Russian intelligence-linked hacking group, APT29, has shifted focus to target political parties in Germany, utilizing phishing tactics to deploy backdoor malware, WineLoader. This marks a significant change for the group, previously known for targeting governments and embassies. The shift suggests an intention to influence or monitor …