In September 2022, Mandiant discovered a suspected Turla Team operation distributing the Kopiluwak reconnaissance utility and Quietcanary backdoor to Andromeda malware victims in Ukraine. Active since at least 2006 and linked to the Russian government, the cyberespionage group is also tracked as Snake, Venomous Bear, Krypton, and Waterbug, and has
Recent attacks documented in previous months seem to be orchestrated by hacking groups using a framework called Raspberry Robin. This well-designed automated framework allows attackers post-infection capabilities to evade detection, move laterally and leverage trusted cloud infrastructures of known data hosting providers such as Discord, Azure & Github, among rest.
Az orosz-ukrán háborúhoz kapcsolódó hacker csoportok állapota a Cyberknow okt. 12-i frissítése szerint: * összesen 84 aktív csoport - az összlétszám a legutóbbi, szept. 7-i frissítéshez képest nem változott, az összetételben ugyanakkor történtek változások * 36 ukránbarát - ami eggyel több a szept. 7-i állapothoz képest * 42 oroszbarát - itt pedig eggyel
Az orosz-ukrán háborúhoz kapcsolódó hacker csoportok állapota a Cyberknow okt. 12-i frissítése szerint: * összesen 84 aktív csoport - az összlétszám a legutóbbi, szept. 7-i frissítéshez képest nem változott, az összetételben ugyanakkor történtek változások * 36 ukránbarát - ami eggyel több a szept. 7-i állapothoz képest * 42 oroszbarát - itt pedig eggyel
Az orosz-ukrán háborúhoz kapcsolódó hacker csoportok állapota a Cyberknow okt. 12-i frissítése szerint: * összesen 84 aktív csoport - az összlétszám a legutóbbi, szept. 7-i frissítéshez képest nem változott, az összetételben ugyanakkor történtek változások * 36 ukránbarát - ami eggyel több a szept. 7-i állapothoz képest * 42 oroszbarát - itt pedig eggyel
Poland’s security agency said on Friday that the country has been a “constant target” of pro-Russian hackers since the start of the war between Russia and Ukraine. The cyberattacks on Poland’s government services, private companies, media organizations and ordinary citizens have intensified over the past year, it said.
North Korea’s BlueNoroff hackers have updated their arsenal and delivery techniques in a new wave of attacks targeting banks and venture capital firms, cybersecurity firm Kaspersky reports. Part of Lazarus, a hacking group linked to the North Korean government, BlueNoroff is financially motivated and has been blamed for numerous
On Telegram, Killnet hackers have leaked a text file showing the login credentials of 10,000 individuals whom they claim are FBI agents. The hacker group also claimed to have breached the security of the US Federal Motor Carrier Safety Administration (FMCSA). The Russian hacker group, KillNet, claims to have
Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote
The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that&
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA (Computer Emergency Response Team of Ukraine), which warned
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda's Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works. This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have
Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. These malicious installers delivered malware capable of collecting data from compromised computers, deploying additional malicious tools, and exfiltrating stolen data to attacker-controlled servers. One of the
Researchers at Trustwave Holdings Inc.’s SpiderLabs detailed a new campaign that leverages Facebook infrastructure for phishing attacks and the theft of personally identifiable information. Users are advised to be extra careful when receiving false violation notifications and not to be fooled by the apparent legitimacy of the initial links.
Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks. EVERY DAY, BILLIONS of people use the GPS satellite system to find their way around the world—but GPS signals are vulnerable. Jamming and spoofing attacks can cripple GPS connections entirely or make
