October 25, 2024 at 05:56AM AWS has seized domains utilized by the Russian hacker group APT29, known for phishing attacks against Ukraine and other nations. This action aims to disrupt their malicious activities. The announcement was made in a post on SecurityWeek. **Meeting Takeaways:** 1. **Event Announcement**: AWS has announced the seizure of domains associated … Read more
October 10, 2024 at 06:18PM Ukraine’s cyber police arrested a 28-year-old for operating an illegal VPN service that enabled access to the Russian internet (Runet), violating national security laws. The service facilitated significant network traffic and could lead to a 15-year prison sentence. Police seized equipment and are investigating possible accomplices and Russian connections. ### … Read more
October 8, 2024 at 02:36AM Ukrainian hackers disrupted Russian state news agency VGTRK’s online services on Putin’s birthday. Kremlin officials condemned the “unprecedented” cyber attack and vowed to bring the perpetrators to justice. VGTRK reported no significant damage, while Russian officials blamed the “collective West” and promised to raise the issue at international venues. “sudo … Read more
October 8, 2024 at 02:06AM Ukraine claims responsibility for a cyber attack on Russia’s state media VGTRK. The attack disrupted operations but caused no significant damage. Russian media reports the hackers wiped everything from servers. The attack is believed to be the work of a pro-Ukrainian hacker group. Cyber attacks have intensified amidst the Russo-Ukrainian … Read more
September 21, 2024 at 10:19AM Ukraine restricts government officials, military, and critical infrastructure workers from using Telegram due to national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity, citing the app’s use by the enemy for cyber attacks and intelligence gathering. Personal phones and official duties are exempt from the … Read more
June 7, 2024 at 03:54AM Ukraine’s CERT-UA warns of cyber attacks targeting defense forces with SPECTR malware, part of espionage campaign SickSync. Attacks attributed to UAC-0020 (Vermin), associated with Luhansk People’s Republic. SPECTR steals information by grabbing screenshots, harvesting files, and stealing credentials. Vermin group observed previously orchestrating phishing campaigns using SPECTR. CERT-UA also warned … Read more
May 31, 2024 at 02:38AM Cloudflare’s threat intel team thwarted a month-long phishing and espionage attack targeting Ukraine, attributed to Russia-aligned group FlyingYeti. The attack targeted financially strained citizens after a government moratorium on evictions and utility disconnections ended. Cloudforce One stopped the threat, but the target base might have been vast. FlyingYeti intended to … Read more
May 30, 2024 at 01:27PM Cloudflare disrupted a phishing campaign by Russia-aligned threat actor FlyingYeti targeting Ukraine. The campaign used debt-themed lures to distribute the PowerShell malware COOKBOX. Cloudforce One identified the campaign in mid-April 2024, involving Cloudflare Workers and GitHub, and exploiting a WinRAR vulnerability. Another financially motivated group, UAC-0006, was also identified by … Read more
April 22, 2024 at 08:34AM The Russian hacker group Sandworm, also known as BlackEnergy, Seashell Blizzard, Voodoo Bear, and APT44, carried out disruptive cyberattacks on critical infrastructure in Ukraine. The attacks targeted energy, water, and heating suppliers, exploiting weaknesses in cybersecurity practices. CERT-UA conducted counter-cyberattack operations from March 7 to March 15, 2024, and identified … Read more
April 18, 2024 at 04:03AM Cybercrime experts surveyed reveal expected leaders Russia, Ukraine, and China as top cybercrime-producing nations, along with surprising results. Based on the meeting notes, the clear takeaway is that the top cybercrime-producing nations, according to a survey of experts, include expected leaders Russia, Ukraine, and China, as well as some surprises. … Read more