Enlarge (credit: Getty Images) Researchers have unearthed never-before-seen wiper malware tied to the Kremlin and an operation two years ago that took out more than 10,000 satellite modems located mainly in Ukraine on the eve of Russia’s invasion of its neighboring country. AcidPour, as researchers from security …
Enlarge (credit: Getty Images) More than 1,000 Ubiquiti routers in homes and small businesses were infected with malware used by Russian-backed agents to coordinate them into a botnet for crime and spy operations, according to the Justice Department. That malware, which worked as a botnet for the Russian …
Enlarge (credit: Getty Images) A core developer of Nginx, currently the world's most popular web server, has quit the project, stating that he no longer sees it as "a free and open source project... for the public good." His fork, freenginx, is "going to be run by developers, and …
The future of cybercrime resembles an arms race between an industry of hackers-for-hire and the UK’s weak defences It is not quite accurate to say that the cyber-attack against the British Library took place on 28 October 2023. Most probably, Rhysida, the hacker gang that orchestrated the attack …
Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and …
The Solntsepek group has taken credit for the attack. They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance. This is one of the most significant cyberattacks since Russia invaded in February 2022. [...]
Enlarge / A service center for "Kyivstar", a Ukrainian telecommunications company, that provides communication services and data transmission based on a broad range of fixed and mobile technologies. (credit: Getty Images) Ukrainian civilians on Wednesday grappled for a second day of widespread cellular phone and Internet outages after a cyberattack …
Gang thought to be from Russia or CIS has attacked companies and institutions in several countries A new name was added to the cyber-rogues’ gallery of ransomware gangs this week after a criminal group called Rhysida claimed responsibility for an attack on the British Library. The library confirmed that …
A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security …
Enlarge (credit: Getty Images) A group of Russian-state hackers known for almost exclusively targeting Ukrainian entities has branched out in recent months, either accidentally or purposely, by allowing USB-based espionage malware to infect a variety of organizations in other countries. The group—known by many names, including Gamaredon, Primitive …
Enlarge / Ukrainian soldiers. (credit: Getty Images) Russia’s military intelligence unit has been targeting Ukrainian Android devices with “Infamous Chisel,” the tracking name for new malware that’s designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. “Infamous Chisel is a collection of components …
Enlarge / Viktor Zhora from Ukraine’s information protection service, says cyber has become a major component of hybrid warfare. (credit: Dragonflypd.com/Black Hat) Viktor Zhora, the public face of Ukraine’s success against Russian cyberattacks, received a hero’s welcome earlier this month on stage at Black Hat …
Turns out that it’s easy to broadcast radio commands that force Polish trains to stop:...the saboteurs appear to have sent simple so-called “radio-stop” commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those commands …
Enlarge (credit: Getty Images) Hackers working for Russia’s Federal Security Service have mounted multiple cyberattacks that used USB-based malware to steal large amounts of data from Ukrainian targets for use in its ongoing invasion of its smaller neighbor, researchers said. “The sectors and nature of the organizations and …
A cybercrime group has exploited a flaw in MOVEit software and is demanding a ransom British Airways, Boots and the BBC have been hit with an ultimatum to begin ransom negotiations from a cybercrime group after employees’ personal data was stolen in a hacking attack. It emerged on Wednesday …
Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” The headline says that the FBI …
Another nation-state malware, Russian in origin: In the early stages of the war in Ukraine in 2022, PIPEDREAM, a known malware was quietly on the brink of wiping out a handful of critical U.S. electric and liquid natural gas sites. PIPEDREAM is an attack toolkit with unmatched and …
Now this is interesting: Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet. The company’s work is linked to …
Documents leaked from Vulkan cybersecurity firm also raise questions about role of IT engineers behind information-control project A consortium of media outlets have published a bombshell investigation about Russia’s cyber-capabilities, based on a rare leak of documents. The files come from NTC Vulkan, a cybersecurity firm in Moscow …
• Documents leaked by whistleblower angry over Ukraine war • Private Moscow consultancy bolstering Russian cyberwarfare • Tools support hacking operations and attacks on infrastructure • Documents linked to notorious Russian hacking group Sandworm • Russian program aims to control internet and spread disinformation The inconspicuous office is in Moscow’s north-eastern suburbs. A …
Enlarge / Locked out. (credit: Sean Gladwell / Getty Images ) Threat actors aligned with Russia and Belarus are targeting elected US officials supporting Ukraine, using attacks that attempt to compromise their email accounts, researchers from security firm Proofpoint said. The campaign, which also targets officials of European nations, uses malicious JavaScript …
The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “ The Cyber Defense Assistance Imperative Lessons from Ukraine.” Its conclusion: Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations …
They’re using commercial phones, which go through the Ukrainian telecom network : “You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the …
Enlarge / Fawley Oil Refinery on a bright day. (credit: Getty Images) One of the Kremlin’s most active hacking groups targeting Ukraine recently tried to hack a large petroleum refining company located in a NATO country. The attack is a sign that the group is expanding its intelligence gathering …
Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading …