The Ukrainian army has released an instructional video explaining how Russian soldiers should surrender to a drone: “Seeing the drone in the field of view, make eye contact with it,” the video instructs. Soldiers should then raise their arms and signal they’re ready to follow. After that the …
Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The Trojan corrupts any data that’s not vital for the functioning of the operating system. It doesn’t affect files with extensions.exe,.dll,.lnk,.sys or.msi, and ignores several …
Enlarge Mayors' offices and courts in Russia are under attack by never-before-seen malware that poses as ransomware but is actually a wiper that permanently destroys data on an infected system, according to security company Kaspersky and the Izvestia news service. Kaspersky researchers have named the wiper CryWiper, a nod …
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of …
Found documents in Poland detail US spying operations against the former Soviet Union. The file details a number of bugs found at Soviet diplomatic facilities in Washington, D.C., New York, and San Francisco, as well as in a Russian government-owned vacation compound, apartments used by Russia personnel, and …
Enlarge (credit: gwengoat | Getty Images) The Ukrainian government on Monday warned that the Kremlin is planning to carry out “massive cyberattacks” targeting power grids and other critical infrastructure in Ukraine and in the territories of its allies. “By the cyberattacks, the enemy will try to increase the effect of …
The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. It’s actually malware, and provides information back to the Russians: The hackers pretended to be a “community of free people around the world who are fighting russia …
Interesting paper by Lennart Maschmeyer: “ The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations “: Abstract: Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear. Many expect cyber operations to provide independent utility in both warfare and low-intensity competition. Underlying these expectations …
Enlarge (credit: Getty Images) For years, Dmitriy Sergeyevich Badin sat atop the FBI’s most-wanted list. The Russian government-backed hacker has been suspected of cyberattacks on Germany’s Bundestag and the 2016 Olympics, held in Rio de Janeiro. A few weeks into Russia’s invasion of Ukraine, his own …
Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military …
Cybersecurity officials said the evidence suggests Russia is behind the tools – configured to target North American energy concerns Multiple US government agencies issued a joint alert Wednesday warning of the discovery of malicious cyber tools created by unnamed advanced threat actors that they said were capable of gaining “full …
A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had …
Enlarge (credit: Getty Images | Sundry Photography) More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with the station's circuit …
The Justice Department announced the disruption of a Russian GRU-controlled botnet: The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm …
Based on two years of leaked messages, 60,000 in all: The Conti ransomware gang runs like any number of businesses around the world. It has multiple departments, from HR and administrators to coders and researchers. It has policies on how its hackers should process their code, and shares …
Enlarge / Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems. (credit: IIP Photo Archive ) For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders …
News : The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion. [...] Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors. But there’s been …
Enlarge / US Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaking during a March 21 White House daily press briefing. (credit: Getty Images ) The Biden administration on Monday warned that it believes Russian state hackers may step up a cyber offensive that targets US organizations, particularly …
This is a big deal : A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source …
Enlarge (credit: Wired | Getty Images) For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle …
The transparency organization Distributed Denial of Secrets has released 800GB of data from Roskomnadzor, the Russian government censorship organization. Specifically, Distributed Denial of Secrets says the data comes from the Roskomnadzor of the Republic of Bashkortostan. The Republic of Bashkortostan is in the west of the country. [...] The data …
It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found and neutered. Near as I can tell, the only thing that worked was the disabling of regional KA-SAT …
From an army of volunteers to EU and Nato teams, the variety of online actors working for the cause is unprecedented As the conflict in Ukraine escalates, expert cyber-watchers have been speculating about the kind of cyber-attacks that Russia might conduct. Will the Kremlin turn off Ukraine’s power …
Enlarge (credit: Elena Lacey | Getty Images) On Thursday, hackers defaced a Russian Space Research Institute website and leaked files that they allege are stolen from Roscosmos, the Russian space agency. Their message ? “Leave Ukraine alone else Anonymous will f*ck you up even more.” Meanwhile a DDoS attack pummeled …
Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group)....the scope of victims exceeded …