Cybersecurity
ProxyNotShell - Zero-Days In Microsoft Exchange
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at less than 10 organizations globally. "These attacks installed the Chopper web shell to facilitate
North Korean Lazarus Group Exploiting Dell Driver Vulnerability
The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver, highlighting new tactics adopted by the state-sponsored adversary. The Bring Your Own Vulnerable Driver (BYOVD) attack, which took place in the autumn of 2021, is another variant
Anonymous Russia targeting NATO Countries
On October 2, Anonymous Russia announced a DDoS attack on 12 NATO countries that officially or verbally support Ukraine's NATO membership.
"Operation Silence of the Steppe" Targeting Russian ISPs
On October 2, Team OneFist announced the start of Operation Silence of the Steppe, a joint action in partnership with Anonymous that targets Russian ISP infrastructure. The goal is to paralyze Russian telecommunications, Internet and voice services in response to Putin's sham elections which claiming four occupied regions
Operation Boomerang Targeting Russian Telecoms
The pro-Ukrainian hacker group Team OneFist has targeted Russian telecoms in Operation Boomerang.
Russian Citizens Wage Cyberwar From Within
For the first time in known history, hackers from within Russia have begun a systemized effort to hack Russian government affiliated websites. Earlier today, Oct. 2, Kyiv Post was contacted by hackers who identified themselves as part of the National Republican Army (NRA). As Kyiv Post has reported before, the
Media clones serving Russian propaganda in Europe
EU DisinfoLab has spent the past three months investigating a large disinformation campaign targeting Western audiences with pro-Russian propaganda. The complete report from EU DisinfoLab can be found here: Doppelganger. Under the hood of a Doppelgänger: Media clones serving Russian propaganda (September 27, 2022). This work is the result
3 Pro-Russian Hacktivist Groups Linked To The GRU
Mandiant researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russian interests. They assess with moderate confidence that moderators of the purported hacktivist Telegram channels “XakNet Team,” “Infoccentr,” and “CyberArmyofRussia_Reborn” are coordinating their operations with Russian Main Intelligence Directorate (GRU)-sponsored cyber threat actors. Mandiant's
APT28 Using PowerPoint Mouseover Trick to Infect System with Malware
The Russian state-sponsored threat actor known as APT28 (aka Fancy Bear) has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and
Szele Tamás: Cyber Dragon, Cyber Bear
It is as if the two countries' cultural heritage has left its mark on their methods. That is the difference between the dragon and the bear. But neither is harmless.
Russian Hackers Target Germany
Today the Anonymous hacker collective of Russia launched a DDoS attack on German websites. The reason for the attack is probably that German ministers have indicated that people fleeing Russia could apply for asylum in Germany after President Vladimir Putin ordered what he called a "partial military mobilization."
"Operation OrcNet" - a secret network in the middle of Russia
The pro-Ukrainian Team OneFist claims that, in an operation it named Operation OrcNet, it hacked the main router of the Russian settlement of Starosubkhangulovo (Старосубхангулово). Through the router, they found a rather interesting and extensive network. More than 54,000 endpoints from 106 countries are connected to the network. Most are American and Chinese (10,271 and