Celebrate Ukraine’s Independence Day, dozens of IP cameras with speaker outputs have been hacked to play patriotic music in Russia as well as occupied Crimea and Donbas. Today, to celebrate Ukraine’s Independence Day, dozens of IP cameras with speaker outputs have been hacked to play patriotic music in
The cybergang behind the Ragnar Locker ransomware has published more than 360 gigabytes of data allegedly stolen from Greece’s largest natural gas supplier Desfa. Ransomware Gang Leaks Data Allegedly Stolen From Greek Gas Supplier | SecurityWeek.ComRagnar Locker’s operators have leaked over 360 GB of data allegedly stolen during
Ma hajnalban tett közzé a 2402 nevű hekkercsoport egy posztot, melyben azt állítják, hogy feltörték Oroszország legnagyobb online banki és pénzügyi szoftverszolgáltatóját, a moszkvai székhelyű Right Line cég (honlapja: rtln[.]ru) rendszerét és onnan sikerült megszerezniük a teljes archívumot a belső szerverekről. A fájlokat elkezdték közzéteni, melyek összesített mérete 500
Pro-ukrainan hacker group OneFist claim hacked natural gas SCADA system of the russian Khanty-Mansiysk city. They claim the battle took 4 hours, resulting in the complete destruction of the SCADA system and its backup at the airport. 18 hours later the systems are still down, meaning they had no other
Russia’s internet watchdog Roskomnadzor is developing a neural network that will use artificial intelligence to scan websites for prohibited information. Called “Oculus,” the automatic scanner will analyze URLs, images, videos, and chats on websites, forums, social media, and even chat/messenger channels to locate material that should be redacted
The state-backed Russian cyberespionage group Cozy Bear has been particularly prolific in 2022, targeting Microsoft 365 accounts in NATO countries and attempting to access foreign policy information. Microsoft 365 is a cloud-based productivity suite predominately used by business and enterprise entities, facilitating collaboration, communication, data storage, email, office, and more.
Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy. While conventional warfare is conducted on the battlefield and limited by several factors, cyber warfare continues in cyber space, offering the chance to infiltrate and
4 malicious campaigns, 13 confirmed victims, and a new wave of Cobalt Strike infections The state-sponsored hacker group APT41 (aka ARIUM, Winnti, LEAD, WICKED SPIDER, WICKED PANDA, Blackfly, Suckfly, Winnti Umbrella, Double Dragon), whose goals are cyber espionage and financial gain, has been active since at least 2007. Group-IB Threat
On June 1, a Google Cloud Armor customer was targeted with a series of HTTPS DDoS attacks which peaked at 46 million requests per second. This is the largest Layer 7 DDoS reported to date—at least 76% larger than the previously reported record. The geographic distribution and types of
A cyber attack disrupted the IT operations of South Staffordshire Water, a company supplying drinking water to 1.6M consumers daily. South Staffordshire Water has issued a statement confirming the security breach, the company pointed out that the attack did not impact the safety and water distribution systems. South Staffordshire
Team82 has developed a novel attack that weaponizes programmable logic controllers (PLCs) in order to exploit engineering workstations and further invade OT and enterprise networks. We’re calling this the Evil PLC Attack. Download the full report here (free PDF). The attack targets engineers working every day on industrial networks,
Pro-ukrainan hacker group OneFist claim demolished the KUPROS Paper Mill in Novosibirk via SCADA attack. They claim "full system control allowed destruction of machinery and potential floods/fires. The loss of machinery and production will be in the millions." Sources: OneFist's Telegram and Twitter channels #RusUkrWar
Infostealer appears to be payload in recent activity aimed at Ukrainian organizations. This activity was ongoing as recently as August 8, 2022 and much of the activity observed in this campaign is consistent with activity that was highlighted by CERT-UA on July 26. Shuckworm (aka Gamaredon, Armageddon) is a Russia-linked
The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state interests. Its campaigns involve persistent phishing and
The pro-Russia Killnet hacker group claims that the stolen information includes PII data such as email addresses and phone numbers of the company’s employees. On August 1st, 2022, the pro-Russian hackers from Killnet claimed responsibility for a DDoS attack on Lockheed Martin, a United States-based global security and aerospace
A OneFist ukránbarát hackercsoport azt állítja, hogy az általuk "Operation Smoked"-nak elnevezett művelet keretében feltörték a Rosseti Lenenergo 110 kV-os PS-249 "Dymi" alállomás SCADA rendszerét. Állításuk szerint a rendszer szünetmentes tápegységének (UPS) sebezhetőségét használták ki, amely teljes hozzáférést biztosított számukra az akkumulátorokhoz, így sikeresen tönkretették
