Uber hacked, internal systems breached and vulnerability reports stolen

Uber suffered a cyberattack Thursday afternoon with an allegedly 18-year-old hacker downloading HackerOne vulnerability reports and sharing screenshots of the company's internal systems, email dashboard, and Slack server. Other systems accessed by the hacker include the company's Amazon Web Services console, VMware vSphere/ESXi virtual machines,

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks

The operators behind the Lorenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. "Initial malicious activity originated from a Mitel appliance sitting on the network perimeter," researchers from cybersecurity firm

FBI Warns of Unpatched and Outdated Medical Device Risks

The FBI is warning healthcare facilities of the risks associated with unpatched and outdated medical devices. Security flaws in medical devices could adversely impact the operations of healthcare facilities, while also affecting the safety of patients and data confidentiality and integrity, the FBI says. Both hardware design and device software

US govt sanctions ten Iranians linked to ransomware attacks

The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks. Their malicious activity is tracked and overlaps with state-sponsored hacking groups tracked by cybersecurity

Pro-Russian Hacktivist Groups Target Ukraine Supporters

As the war in Ukraine rages on, unseen but related battles occur daily across the globe. These confrontations stem from pro-Russian hacktivist groups targeting countries that support Ukraine, likely with support from the Kremlin. These hacktivists have been targeting a wide swath of industries and sectors, including aviation, energy, financial,

Opsec Mistakes Reveal Iranian COBALT MIRAGE Threat Actors

Artifacts exposed personas and companies associated with the Iranian threat group. Secureworks® Counter Threat Unit™ (CTU) analysis of a June 2022 ransomware incident revealed details about Iranian COBALT MIRAGE threat group operations. Despite CTU™ researchers publicly disclosing COBALT MIRAGE tactics, techniques, and procedures (TTPs) in May 2022, the threat actors

New Wave of Espionage Activity Targets Asian Governments

Governments and state-owned organizations are the latest targets of a well-established threat actor. A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a range of government and state-owned organizations in

Google: Conti repurposing tools for Ukraine attacks using Follina bug, Musk impersonation

Former members of the notorious Conti ransomware group have repurposed many of their tools for attacks on Ukrainian organizations, according to a new report from Google’s Threat Analysis Group (TAG).

GhostSec hacktivist group compromise 55 Berghof PLCs across Israel, OTORIO discloses

Industrial cybersecurity firm OTORIO published on Wednesday details of the GhostSec hacktivist group, which gained control over 55 Berghof programmable logic controllers (PLCs) across Israeli organizations and platforms. The firm said that last week GhostSec, which was previously observed targeting Israeli organizations and platforms, announced on social media and its

North-Korean Lazarus APT Group Targeting Energy Providers Around The World

Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said Thursday that it has observed Lazarus — also known as APT38 — targeting unnamed energy providers in the United States, Canada

Iranian state-sponsored hacker group Nemesis Kitten encrypt Windows systems using BitLocker

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including widespread vulnerability scanning, on behalf of the government of Iran.