Security News

US invites friends to multilateral cybersecurity meetings – Russia and China strangely absent
2021-10-14 05:58

The United States has kicked off meetings attended by representatives of nations that all hope to address the scourge of ransomware - without Russia or China in the room. An expression of the US National Security Council's Counter-Ransomware Initiative, the two-day meetings will occupy Wednesday and Thursday.

Russia and China left out of global anti-ransomware meetings
2021-10-13 10:56

The Counter-Ransomware Initiative meetings come in response to ongoing attacks, including ransomware attacks on Colonial Pipeline, JBS Foods, and Kaseya in the U.S., which have revealed significant vulnerabilities across critical worldwide infrastructure. Disrupt Ransomware Infrastructure and Actors: The Administration is bringing the full weight of U.S. government capabilities to disrupt ransomware actors, facilitators, networks, and financial infrastructure.

Russia-based criminals are still the UK's number 1 cyber-foe, NSO Group's wares a 'red flag' says NCSC chief
2021-10-11 15:52

A new national cyber strategy will be launched by year-end, the National Cyber Security Centre's chief exec has promised - while calling out spyware vendor NSO Group as a "red flag" for the UK infosec community. Lindy Cameron told the Chatham House international affairs think tank that NSO Group was "something we raised a red flag about before, that the commercial market for sophisticated cyber exploitation products is an issue."

Never mind Russia: Turkey and Vietnam are Microsoft's new state-backed hacker threats du jour
2021-10-08 15:13

Iran, Turkey and both North and South Korea are bases for nation-state cyber attacks, Microsoft has claimed - as well as old favourite Russia. "After Russia, the largest volume of attacks we observed came from North Korea, Iran and China; South Korea, Turkey and Vietnam were also active but represent much less volume," said MS in a post announcing its findings.

Cybersecurity Firm Group-IB's CEO Arrested Over Treason Charges in Russia
2021-09-30 00:00

Russian authorities on Wednesday arrested and detained Ilya Sachkov, the founder of cybersecurity firm Group-IB, for two months in Moscow on charges of state treason following a search of its office on September 28. The Russian company, which is headquartered in Singapore, confirmed the development but noted the "reason for the search was not yet clear," adding "The decentralized infrastructure of Group-IB allows us to keep our customer's data safe, maintain business operations and work without interruption across our offices in Russia and around the world."

Russia arrests cybersecurity firm CEO after raiding offices
2021-09-29 19:18

Russian law enforcement on Tuesday arrested Ilya Sachkov, the co-founder and CEO of cybersecurity company Group-IB, on suspicion of high treason resulting from sharing data with foreign intelligence. Authorities carried out searches at Group-IB offices in Moscow that started early morning on Tuesday and lasted till evening.

EU: Russia Behind ‘Ghostwriter’ Campaign Targeting Germany
2021-09-27 15:35

In the wake of cyberattacks targeting the recently held German elections, the European Union has blamed Russia for an ongoing disinformation campaign called "Ghostwriter." Germany is the latest target in an effort that for years has tried to discredit NATO, and which has both smeared and cyberattacked Parliament members, other politicians and government officials, and journalists. It's not the first time the campaign has been attributed to Russia, but on Friday, the EU Council made the link official.

EU officially blames Russia for 'Ghostwriter' hacking activities
2021-09-24 16:11

The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public. "These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data," European Council officials said in a press release today.

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack
2021-09-11 04:18

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service attack by a new botnet called Mēris. The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests per second, dwarfing a recent botnet-powered attack that came to light last month, bombarding an unnamed Cloudflare customer in the financial industry with 17.2 million RPS. Russian DDoS mitigation service Qrator Labs, which disclosed details of the attack on Thursday, called Mēris - meaning "Plague" in the Latvian language - a "botnet of a new kind."

SolarWinds urges US judge to toss out crap infosec sueball: We got pwned by actual Russia, give us a break
2021-08-04 15:34

SolarWinds is urging a US federal judge to throw out a lawsuit brought against it by aggrieved shareholders who say they were misled about its security posture in advance of the infamous Russian attack on the business. Financial newswire Reuters reported that the suit was originally filed over allegations that former SolarWinds chief exec Kevin Thompson cut cybersecurity efforts in the hope of driving greater dividends into the pockets of major investors, Silver Lake and Thoma Bravo, who each reportedly held around 40 per cent of SolarWinds' stocks at the time.