July 23, 2024 at 01:36PM The FrostyGoop malware, linked to Russian threat groups, was used in a cyberattack in January 2024 to disrupt the heating in over 600 apartment buildings in Lviv, Ukraine. The attackers breached the network a year earlier and exploited vulnerabilities in industrial control systems. Organizations are advised to implement specific cybersecurity … Read more
July 23, 2024 at 06:27AM Industrial cybersecurity firm Dragos recently disclosed details on FrostyGoop, a new malware impacting industrial control systems (ICS). The malware was used in an attack in January 2024, resulting in a disruption to a municipal district energy company in Lviv, Ukraine. This incident caused a loss of heating for residents and … Read more
July 23, 2024 at 05:05AM A new malware called FrostyGoop has been linked to an attack in January 2024 that disrupted heating services in 600 apartments in Lviv, Ukraine. This malware allows attackers to interact with industrial control systems using the Modbus protocol. The attack involved sending unauthorized commands to heating system controllers, resulting in … Read more
April 26, 2024 at 09:57AM Unknown threat actors targeted Ukrainian government entities using an old Microsoft Office RCE exploit (CVE-2017-8570) to deliver a malicious PowerPoint file via Signal. The attack involved a Russian VPS and Cobalt Strike Beacon for information theft. The campaign’s advanced masquerading and evasive techniques pose challenges for detection and attribution. Enhanced … Read more
December 21, 2023 at 04:21PM Moscow-based water utility company Rosvodokanal has been incapacitated by a cyberattack allegedly conducted by the Ukraine-aligned “Blackjack” group, causing significant damage to its IT infrastructure and resulting in the deletion of over 50TB of data. Ukraine security services are reviewing 1.5TB of exfiltrated data. The attack is seen as retaliation … Read more