Security News

Microsoft linked Cadet Blizzard to Russia's GRU military intelligence unit. "Cadet Blizzard seeks to conduct disruption, destruction, and information collection, using whatever means are available and sometimes acting in a haphazard fashion," they wrote.

The US Department of Energy and other federal bodies are among a growing list of organizations hit by Russians exploiting the MOVEit file-transfer vulnerability. Many orgs, including the US government, have been hit via this flaw, with Clop blamed for this mass exploitation.

The war has been described as the first to deploy significant - if largely immeasurable - levels of cyber operations by the belligerent parties. Despite the disparity in state size and military might, it's a contest in which both sides appear almost equally matched in terms of human and cyber resources; neither side, it seems, has established cyber dominance - yet.

Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Kaspersky says the campaign started in 2019 and reports the attacks are still ongoing.

The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake wielded by Russia's Federal Security Service. Snake, dubbed the "Most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called Turla, which the U.S. government attributes to a unit within Center 16 of the FSB. The threat actor has a track record of heavily focusing on entities in Europe, the Commonwealth of Independent States, and countries affiliated with NATO, with recent activity expanding its footprint to incorporate Middle Eastern nations deemed a threat to countries supported by Russia in the region.

Finish newspaper Helsinin Sanomat has created a custom Counter-Strike: Global Offensive map explicitly made to bypass Russian news censorship and smuggle information about the war in Ukraine to Russian players. Starting in March 2022, following its invasion of Ukraine, Russia began blocking international news outlets to implement tighter controls over what news reaches the Russian audience regarding the ongoing war.

The Kremlin-backed threat group APT28 is flooding Ukrainian government agencies with email messages about bogus Windows updates in the hope of dropping malware that will exfiltrate system data. Executing the command simulates a Windows update but actually downloads and executes a PowerShell script that collects basic system information about using such commands as "Tasklist" and "Systeminfo".

Eurocontrol confirmed on Friday its website has been "Under attack" since April 19, and said "Pro-Russian hackers" had claimed responsibility for the disruption. "The attack is causing interruptions to the website and web availability," a spokesperson told The Register.

The UN Cybercrime Treaty, to the extent it gets adopted, is expected to define global norms for lawful surveillance and legal processes available to investigate and prosecute cybercriminals. What concerns Rodriguez and other representatives of advocacy groups at the briefing is that the treaty negotiators will compromise on surveillance, privacy, and human rights.

The Federal Security Service of the Russian Federation has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. The agency says it has taken timely measures to prevent these attacks from causing any negative consequences to Russia.