The Russian state-sponsored threat actor known as APT28 (aka Fancy Bear) has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and
Today Anonymous hacker collective of Russia launched DDoS attack on websites of Germany. The reason for the attack is probably that German ministers have indicated that people fleeing Russia could apply for asylum in Germany after President Vladimir Putin ordered what he called a "partial military mobilization."
Az ukránbarát Team OneFist azt állítja, hogy az általuk Operation OrcNet-nek elnevezett műveletben feltörte az orosz Sztaroszubhangulovo (Старосубхангулово) település fő router-ét. A router-en keresztül pedig egy meglehetősen érdekes és kiterjedt hálózatot találtak. A hálózathoz több mint 54 000 végpont csatlakozik 106 országból. A legtöbb amerikai és kínai (10 271 és
Before Russian President Vladimir Putin delivered his speech Wednesday, Team OneFist prepared a meaningful surprise too remarkable to ignore as it came in the form of a series of cyber offensives. The first one is the attack on a core private branch exchange (PBX), which covers the greater, if not
The familiar, yet ineffaceable voice from a video of the decentralized international activist and hacktivist collective and movement Anonymous echoed on Twitter on Tuesday afternoon as the movement declared war against Iran and commenced a series of attacks against the government. After several days of massive protests in various areas
Sajtóértesülések szerint az orosz-ukrán háború nyomán kialakult gázszállítási zavarok miatt súlyos pénzügyi nehézségekkel küzdő óriás gázkereskedőben már a szerdai nap folyamán 100 %-os tulajdont szerezhet Németország. A Bloomberg és a Die Welt értesülései szerint a német szövetségi kormány mintegy 8 milliárd eurót juttat az Uniper-nek annak érdekében, hogy megakadályozza annak
"The Russian state-sponsored hacking group known as Sandworm (aka: Quedagh, Voodoo Bear, TEMP.Noble, IRON VIKING, G0034, ELECTRUM, TeleBots, IRIDIUM, Blue Echidna) has been observed masquerading as telecommunication providers to target Ukrainian entities with malware." Sandworm is a state-backed threat actor attributed by the US government as part
Revolut has suffered a cyberattack that gave an unauthorized third party access to personal information of tens of thousands of clients. Founded in 2015, Revolut is a financial technology company that has seen a rapid growth, now offering banking, money management, and investment services to customers all over the world.
Researchers at Akamai are reporting a distributed denial-of-service (DDoS) attack in Eastern Europe, which set records by peaking at 704.8 Mpps as the cyberattackers tried to cripple the organization's business operations. The attackers began by targeting the victim's primary data center, before expanding unexpectedly and
TrendMicro have recently observed malicious actors exploiting both recently disclosed and older Oracle WebLogic Server vulnerabilities to deliver cryptocurrency-mining malware. Oracle WebLogic Server is typically used for developing and deploying high-traffic enterprise applications on cloud environments and engineered and conventional systems. One of the older vulnerabilities that is still being
The Center for European Policy Analysis (CEPA) recently published a 38-page study, Russian Cyberwarfare: Unpacking the Kremlin’s Capabilities by two esteemed researchers, Irina Borogan and Andrei Soldatov. The opening premise is that Russia has not demonstrated its cyber warfare adroitness in support of its invasion of Ukraine. Whether the
Former leader of Team OneFist claims a strategic cyber strike was conducted against a Schneider uninterruptable power system (UPS), located in the town of Satka.
Uber suffered a cyberattack Thursday afternoon with an allegedly 18-year-old hacker downloading HackerOne vulnerability reports and sharing screenshots of the company's internal systems, email dashboard, and Slack server. Other systems accessed by the hacker include the company's Amazon Web Services console, VMware vSphere/ESXi virtual machines,
The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. "Initial malicious activity originated from a Mitel appliance sitting on the network perimeter," researchers from cybersecurity firm
The FBI is warning healthcare facilities of the risks associated with unpatched and outdated medical devices. Security flaws in medical devices could adversely impact the operations of healthcare facilities, while also affecting the safety of patients and data confidentiality and integrity, the FBI says. Both hardware design and device software
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks. Their malicious activity is tracked and overlaps with state-sponsored hacking groups tracked by cybersecurity
