Showing only posts tagged russia.

Two of the Kremlin’s most active hack groups are collaborating, ESET says

Source

Two of the Kremlin’s most active hacking units recently were spotted collaborating in malware attacks that compromise high-value devices located in Ukraine, security researchers said Friday. One of the groups is Turla, which is easily one of the world’s most sophisticated advanced persistent threats (well-organized and well-funded …

Microsoft catches Russian hackers targeting foreign embassies

Source

Russian-state hackers are targeting foreign embassies in Moscow with custom malware that gets installed using adversary-in-the-middle attacks that operate at the ISP level, Microsoft warned Thursday. The campaign has been ongoing since last year. It leverages ISPs in that country, which are obligated to work on behalf of the …

Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel

Source

Russia’s biggest airline cancelled dozens of flights on Monday following a failure of the state-owned company’s IT systems and, according to a Russian lawmaker and pro-Ukrainian hackers, was the result of a cyberattack, it was widely reported. The airline, Aeroflot, said it cancelled about 40 flights following …

UK ‘woefully’ unprepared for Chinese and Russian undersea cable sabotage, says report

Source

CSRI finds China and Russia may be coordinating ‘grey zone’ tactics against vulnerable western infrastructure. China and Russia are stepping up sabotage operations targeting undersea cables and the UK is unprepared to meet the mounting threat, according to new analysis. A report by the China Strategic Risks Institute (CSRI …

Location Tracking App for Foreigners in Moscow

Source

Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence location; Fingerprint; Face photograph; Real-time geo-location monitoring. This isn …

Russian-led cybercrime network dismantled in global operation

Source

Arrest warrants issued for ringleaders after investigation by police in Europe and North America. European and North American cybercrime investigators say they have dismantled the heart of a malware operation directed by Russian criminals after a global operation involving British, Canadian, Danish, Dutch, French, German and US police. International …

New Android spyware is targeting Russian military personnel on the front lines

Source

Russian military personnel are being targeted with recently discovered Android malware that steals their contacts and tracks their location. The malware is hidden inside a modified app for Alpine Quest mapping software, which is used by, among others, hunters, athletes, and Russian personnel stationed in the war zone in …

China, Russia, Iran, and North Korea Intelligence Sharing

Source

Former CISA Director Jen Easterly writes about a new international intelligence sharing co-op: Historically, China, Russia, Iran & North Korea have cooperated to some extent on military and intelligence matters, but differences in language, culture, politics & technological sophistication have hindered deeper collaboration, including in cyber. Shifting geopolitical dynamics, however, could …

Device Code Phishing

Source

This isn’t new, but it’s increasingly popular: The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts …

What is device code phishing, and why are Russian spies so successful at it?

Source

Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack Microsoft 365 accounts belonging to a wide range of targets, researchers warned. The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized …