Security News
At least six Russian Advanced Persistent Threat actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating.
Cyberattacks against Ukraine have been used strategically to support ground campaigns, with five state-sponsored advanced persistent threat groups behind attacks that began in February. From late February to mid-March, another series of wiper attacks using malware called HermeticWiper, IsaacWiper and CaddyWiper targeted organizations in the Ukraine as Russia commenced its physical invasion.
A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. The emergence of Bumblebee in phishing campaigns in March coincides with a drop in using BazarLoader for delivering file-encrypting malware, researchers say.
Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian-backed hacking groups targeting infrastructure and Ukrainian citizens. Microsoft has also observed a direct link between cyberattacks and military operations, with the timing between hacking attempts and breaches closely matching that of missile strikes and sieges coordinated by the Russian military.
The ADA is a dentist and oral hygiene advocacy association providing training, workshops, and courses to its 175,000 members. On Friday, the ADA suffered a cyberattack that forced them to take affected systems offline, which disrupted various online services, telephones, email, and webchat.
The US Department of Energy has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. Cybersecurity tools developed as a result of the six university-led research, development, and demonstration projects will focus on detecting, blocking, and mitigating attempts to compromise critical controls within the US power grid.
New research from the NCC Group illustrates that the number of cyberattacks on these supply chains increased by over half during the period from July to December of 2021. The study, which surveyed 1,400 cybersecurity decision makers, found that 36% said that they are more responsible for preventing, detecting and resolving supply chain attacks than their suppliers.
A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine We assess with high confidence that the APT group Sandworm is responsible for this new attack Posted on April 13, 2022 at 6:32 AM 0 Comments.
In a blog post outlining the actions, Microsoft reported attackers used the domains to target Ukrainian media organizations, government institutions and foreign policy think tanks based in the U.S. and Europe. "We obtained a court order authorizing us to take control of seven internet domains Strontium was using to conduct these attacks," said Tom Burt, corporate vice president of Customer Security and Trust at Microsoft.
While most people would not think of the insurance sector as a focus for cyberattacks, new findings show that the industry may have a serious security problem. The recently released Cyber Insurance Risk in 2022 report from Black Kite shows that 82% of the largest insurance carriers are the focus of ransomware attacks from cyber criminals.