Security News

Threat actors intensify focus on NATO member states
2024-02-14 04:00

Initial access brokers are increasingly targeting entities within NATO member states, indicating a persistent and geographically diverse cyberthreat landscape, according to Flare. Flare analyzed hundreds of IAB posts on the Russian-language hacking forums, and discovered recent activity in 21 out of the 31 NATO countries - confirming the extensive reach and consistent potential threat IABs pose to national security and economic stability.

Russian military hackers target NATO fast reaction corps
2023-12-07 22:20

Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. The Russian hackers are also tracked as Fighting Ursa, Fancy Bear, and Sofacy, and they've been previously linked to Russia's Main Intelligence Directorate, the country's military intelligence service.

'Gay furry hackers' brag of second NATO break-in, steal and leak more data
2023-10-04 20:22

NATO is facing persistent cyber threats and takes cyber security seriously. NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites.

NATO probes hacktivist crew's boasts of stolen portal data
2023-07-27 22:33

NATO is investigating claims by miscreants that they broke into the military alliance's unclassified information-sharing and collaboration IT environment, stole information belonging to 31 nations, and leaked 845 MB of compressed data. On July 23, SiegedSec, a crew that describes itself as "Gay furry hackers" and typically targets governments in politically motivated stunts, shared what was said to be stolen NATO documents via the gang's Telegram channel.

NATO investigates alleged data theft by SiegedSec hackers
2023-07-26 16:26

NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. [...]

Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
2023-07-11 18:23

"Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents," Redmond said today. "An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file."

RomCom hackers target NATO Summit attendees in phishing attacks
2023-07-10 20:44

A threat actor referred to as 'RomCom' has been targeting organizations supporting Ukraine and guests of the upcoming NATO Summit set to start tomorrow in Vilnius, Lithuania. BlackBerry's research and intelligence team recently discovered two malicious documents that impersonated the Ukranian World Congress organization and topics related to the NATO Summit to lure selected targets.

RomCom RAT Targeting NATO and Ukraine Support Groups
2023-07-10 06:42

The threat actors behind the RomCom RAT have been suspected of phishing attacks targeting the upcoming NATO Summit in Vilnius as well as an identified organization supporting Ukraine abroad. The findings come from the BlackBerry Threat Research and Intelligence team, which found two malicious documents submitted from a Hungarian IP address on July 4, 2023. RomCom, also tracked under the names Tropical Scorpius, UNC2596, and Void Rabisu, was recently observed staging cyber attacks against politicians in Ukraine who are working closely with Western countries and a U.S.-based healthcare organization involved with aiding refugees fleeing the war-torn country.

FBI-led Op Medusa slays NATO-bothering Russian military malware network
2023-05-09 20:28

The FBI has cut off a network of Kremlin-controlled computers used to spread the Snake malware which, according to the Feds, has been used by Russia's FSB to steal sensitive documents from NATO members for almost two decades. After identifying and stealing sensitive files on victims' devices, Turla exfiltrated them through a covert network of unwitting Snake-compromised computers in the US. In effect, Snake can infect Windows, Linux, and macOS systems, and use those network nodes to pass data stolen from victims along to the software nasty's Russian spymasters.

Russia accuses NATO of launching 5,000 cyberattacks since 2022
2023-04-14 16:19

The Federal Security Service of the Russian Federation has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. The agency says it has taken timely measures to prevent these attacks from causing any negative consequences to Russia.