Security News

The European Union on Thursday imposed sanctions on two Russian officials and part of Russia's GRU military intelligence agency over a cyberattack against the German parliament in 2015. EU headquarters said in a statement that travel bans and asset freezes have been imposed on the two men: Igor Kostyukov, head of the Main Directorate of the General Staff of the Russian Armed Forces, and Dmitry Badin, a military intelligence officer.

Key findings Between 2015 and 2019, the number of reported cyberattacks that used machine identities grew by more than 700%, with this amount increasing by 433% between the years 2018 and 2019 alone. From 2015 to 2019, the number of vulnerabilities involving machine identities grew by 260%, increasing by 125% between 2018 and 2019.

French-headquartered IT outsourcer Sopra Steria has been struck by a "Cyberattack," reportedly linked to the Ryuk ransomware gang. The business declined to say what had happened, though French media reports indicated that Sopra Steria's Active Directory infrastructure had been compromised, seemingly by hackers linked to the Ryuk malware crowd.

The bug exists in the Citrix Application Delivery Controller and Gateway, a purpose-built networking appliance meant to improve the performance and security of applications delivered over the web. Microsoft bugs are well-represented, including the BlueKeep RCE bug in Remote Desktop Services, which is still under active attack a year after disclosure.

The United Kingdom on Monday exposed and condemned cyberattacks that the Russian military intelligence service GRU allegedly launched against organizations involved in the 2020 Olympic and Paralympic Games that were set to take place in Tokyo this summer, but were postponed due to the COVID-19 pandemic. On Monday, the United States announced charges against six officers of the GRU, which is also said to have orchestrated the cyberattacks on the PyeongChang Winter Olympics with the Olympic Destroyer malware.

The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate, have been accused of perpetrating the "Most disruptive and destructive series of computer attacks ever attributed to a single group," according to the Justice Department.

The Department of Justice on Monday announced charges against six Russian nationals who are allegedly tied to the Sandworm APT. The threat group is believed to have launched several high-profile cyberattacks over the past few years - including the destructive NotPetya cyberattack that targeted hundreds of firms and hospitals worldwide in 2017. According to the DOJ complaint, the six Russian nationals are tied to a division of the Russian military intelligence service and also affiliated with the APT Sandworm, also known as TeleBots.

Hackers sent Joe Biden's presidential campaign staffers malicious emails that impersonated anti-virus software company McAfee, and used a mix of legitimate services to avoid detection. The unsuccessful advanced persistent threat group attacks on Biden's campaign were first uncovered in June, along with cyberattacks targeting Donald Trump's campaign.

Millions of Barnes & Noble customers received a worrying email around 1 am on Thursday morning notifying them that the company suffered from a cyberattack on Oct. 10, which brought down its Nook services and led to the "Unauthorized access" to "Certain Barnes & Noble corporate systems." Reports of problems with the Barnes & Noble system started to emerge on Saturday, when GoodEReader reported outages with Nook e-readers as well as the Nook apps for iOS and Android.

Bookselling giant Barnes & Noble has sent email notifications to its customers to inform them of a recent cyberattack. A Fortune 1000 company, Barnes & Noble is the bookseller with the largest number of retail outlets in the United States.