Szele Tamás: Svájci bicska és kínai tea
Hogy Kína képes-e növelni befolyását Svájcban, az egyelőre még nem világos, de hogy törekszik rá: az biztos.
English
Russia-linked Sandworm APT group is behind SwiftSlicer wiper, that hit Ukraine
Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandwork (aka BlackEnergy and TeleBots) is behind the wiper attacks. #BREAKING On January 25th #ESETResearch discovered a new cyberattack in 🇺🇦 Ukraine. Attackers deployed a
Pro-Ukrainian hackers hacked more than 1 000 routers across Russia - "Operation Turn Ruzzia Off"
The pro-Ukrainian hacker group TeamOneFist has announced its first joint mission with Anonymous RoughSec against Russia, titled "Operation Turn Ruzzia Off". Hackers claim they successfully shut down 316 Metro and Edge routers across Russia and disarmed 944 more.
CyberAttack Techniques of MacOS Ransomware
Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are known to impact Apple macOS systems. "While these malware families are old, they exemplify the range of capabilities and malicious behavior possible on the platform," the Microsoft's Security Threat Intelligence
Russian hackers targeted U.S. nuclear scientists
A Russian hacking team known as Cold River targeted three nuclear research laboratories in the United States this past summer, according to internet records reviewed by Reuters and five cyber security experts. Between August and September, as President Vladimir Putin indicated Russia would be willing to use nuclear weapons to
Russian Turla Cyberspies Leveraged Other Hackers' USB-Delivered Malware
In September 2022, Mandiant discovered a suspected Turla Team operation distributing the Kopiluwak reconnaissance utility and Quietcanary backdoor to Andromeda malware victims in Ukraine. Active since at least 2006 and linked to the Russian government, the cyberespionage group is also tracked as Snake, Venomous Bear, Krypton, and Waterbug, and has
Raspberry Robin Detected ITW Targeting Insurance & Financial Institutes In Europe
Recent attacks documented in previous months seem to be orchestrated by hacking groups using a framework called Raspberry Robin. This well-designed automated framework allows attackers post-infection capabilities to evade detection, move laterally and leverage trusted cloud infrastructures of known data hosting providers such as Discord, Azure & Github, among rest.
Poland warns of pro-Kremlin cyberattacks aimed at destabilization
Poland’s security agency said on Friday that the country has been a “constant target” of pro-Russian hackers since the start of the war between Russia and Ukraine. The cyberattacks on Poland’s government services, private companies, media organizations and ordinary citizens have intensified over the past year, it said.
North Korean Hackers Created 70 Fake Bank, Venture Capital Firm Domains
North Korea’s BlueNoroff hackers have updated their arsenal and delivery techniques in a new wave of attacks targeting banks and venture capital firms, cybersecurity firm Kaspersky reports. Part of Lazarus, a hacking group linked to the North Korean government, BlueNoroff is financially motivated and has been blamed for numerous
Russian Killnet Hackers Claim Data Theft of FBI Agents
On Telegram, Killnet hackers have leaked a text file showing the login credentials of 10,000 individuals whom they claim are FBI agents. The hacker group also claimed to have breached the security of the US Federal Motor Carrier Safety Administration (FMCSA). The Russian hacker group, KillNet, claims to have
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing
Critical Windows Code-Execution Vulnerabilitiy - CVE-2022-37958
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote
Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War
The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that&
Ukraine's DELTA military system users targeted by info-stealing malware
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA (Computer Emergency Response Team of Ukraine), which warned
New Agenda Ransomware Variant Targets Critical Sectors
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda's Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works. This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have
Ukrainian govt networks breached via trojanized Windows 10 installers
Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. These malicious installers delivered malware capable of collecting data from compromised computers, deploying additional malicious tools, and exfiltrating stolen data to attacker-controlled servers. One of the