Russia’s ‘Fighting Ursa’ APT Uses Car Ads to Install HeadLace Malware

August 5, 2024 at 07:47AM

Fighting Ursa, a prolific Russian cyber threat group, is targeting diplomats with a used car sale phishing scheme, distributing HeadLace backdoor malware. The attack, which involves disguising executables as image files, aims to establish persistent access for data theft and surveillance. The group has a history of high-profile cyber offensives …

FrostyGoop ICS Malware Left Ukrainian City’s Residents Without Heating

July 23, 2024 at 06:27AM

Industrial cybersecurity firm Dragos recently disclosed details on FrostyGoop, a new malware impacting industrial control systems (ICS). The malware was used in an attack in January 2024, resulting in a disruption to a municipal district energy company in Lviv, Ukraine. This incident caused a loss of heating for residents and …

LockBit ransomware admin identified, sanctioned in US, UK, Australia

May 7, 2024 at 10:07AM

The FBI, UK National Crime Agency, and Europol have identified the Russian threat actor behind the LockBit ransomware operation as Dmitry Yuryevich Khoroshev. Sanctions and indictments have been imposed, with a $10 million reward offered. Law enforcement also obtained 2,500 decryption keys and disrupted the ransomware infrastructure …

French government sites disrupted by très grande DDoS

March 12, 2024 at 02:33AM

French government websites have been hit by a severe distributed denial of service attack. The attack, attributed to “Anonymous Sudan,” was assisted by Russian actors. Despite no disclosed motive, it’s speculated to be tied to European involvement in Ukraine. The attack disrupted various government departments, including the Prime Minister’s office. …

Russian APT Used Zero-Click Outlook Exploit

December 8, 2023 at 10:18AM

Russian threat actor APT28 is exploiting a no-interaction Outlook vulnerability in attacks across 14 countries. This was reported on SecurityWeek. A Russian threat actor known as APT28 has been utilizing a zero-click Outlook exploit to carry out attacks on 14 …