Russia-Linked Hackers Attack Japan’s Govt, Ports

October 21, 2024 at 08:06PM Two Russian hacking groups, NoName057(16) and the Russian Cyber Army Team, have launched DDoS attacks on Japanese logistics, shipbuilding firms, and government entities. The attacks follow Japan’s increased defense budget and military collaboration with allies, highlighting tensions in geopolitical rivalries amid Japan’s largest military buildup since World War II. …

Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow

April 22, 2024 at 09:33AM Shadowy Russian hacktivist group linked to cyberattack on Texas water system. Attempts reported in three small towns. Local officials claim public was not in danger. Cybersecurity firm links attack to Russian group with potential military ties. FBI and Homeland Security involved. Other foreign cyberattacks on U.S. water facilities also mentioned. …

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

February 4, 2024 at 12:19PM Russian state-sponsored APT28 group has been actively conducting NTLM v2 hash relay attacks since April 2022, targeting various industries worldwide. Managed by Russia’s GRU military intelligence, the group employs multiple aliases and has a history of spear-phishing and using router vulnerabilities to carry out attacks. Their tactics continue to evolve …

Russian Hackers Had Covert Access to Ukraine’s Telecom Giant for Months

January 5, 2024 at 03:27AM Ukrainian authorities reported a cyber attack by the Russian state-sponsored group Sandworm, which breached telecom operator Kyivstar’s systems, leading to service disruption for millions. A Russia-linked hacking group, Solntsepyok, claimed responsibility. The attack wiped out data from thousands of servers, and the Security Service of Ukraine suspects the attackers had …

Microsoft Warns of COLDRIVER’s Evolving Evading and Credential-Stealing Tactics

December 7, 2023 at 10:06AM The COLDRIVER threat actor, tracked as Star Blizzard by Microsoft and linked to Russia’s FSB, has been targeting entities aligned with Russian interests using advanced credential theft and evasion techniques. They use impersonating domains, email campaigns, and server-side scripts for phishing while avoiding detection. Recently, the U.K. sanctioned two of …

Ukraine says it hacked Russian aviation agency, leaks data

November 27, 2023 at 01:25PM Ukraine’s intelligence service claims to have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia,’ and exposed problems in Russia’s aviation sector. The stolen documents reveal that Russian airlines are struggling with maintenance due to Western sanctions on spare parts and software updates. The data also shows a significant increase in accidents …

Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection

November 1, 2023 at 03:49AM Turla, a Russia-linked hacking group, is using an updated version of a backdoor called Kazuar that emphasizes stealth and evasion techniques, according to Palo Alto Networks Unit 42. Kazuar, a .NET-based implant first discovered in 2017, has been improved by the threat actor behind the operation to enhance their attack …

European govt email servers hacked using Roundcube zero-day

October 25, 2023 at 09:41AM The Winter Vivern Russian hacking group has been targeting European government entities and think tanks since at least October 11 by exploiting a zero-day vulnerability in Roundcube Webmail. The Roundcube development team has released security updates to fix the vulnerability. The group, also known as TA473, uses phishing emails containing …

Russian hackers exploit Roundcube zero-day to steal govt emails

October 25, 2023 at 09:19AM The Winter Vivern Russian hacking group has been targeting European government entities and think tanks since at least October 11. They have been exploiting a Roundcube Webmail zero-day vulnerability and using phishing emails to inject arbitrary JavaScript code. The group has also targeted Zimbra and previously exploited vulnerabilities in Roundcube …