Security News

At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. DesertBlade, also a data wiper, is said to have been launched against an unnamed broadcasting company in Ukraine on March 1.

A DDoS attack works by several machines repeatedly flooding servers of a website with excessive requests in a short span of time, such that the servers run out of their allotted bandwidth, and become unresponsive. More recently, Russian hacktivist group "Killnet" has launched DDoS attacks on Romanian government sites.

A DDoS attack works by several machines repeatedly flooding servers of a website with excessive requests in a short span of time, such that the servers run out of their allotted bandwidth, and become unresponsive. Conducting DDoS attacks is a criminal offense in most jurisdictions.

More recently, Russian hacktivist group "Killnet" has launched DDoS attacks on Romanian government sites. Conducting DDoS attacks is a criminal offense in most jurisdictions.

Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian-backed hacking groups targeting infrastructure and Ukrainian citizens. Microsoft has also observed a direct link between cyberattacks and military operations, with the timing between hacking attempts and breaches closely matching that of missile strikes and sieges coordinated by the Russian military.

China appears to be entering a raging cyber-espionage battle that's grown in line with Russia's unprovoked attack on Ukraine, deploying advanced malware on the computer systems of Russian officials. China has tried to play a neutral role since Russia began its invasion of Ukraine on February 24, with government officials saying they want to see a peaceful resolution.

In a first for a major Chinese tech company, drone-maker DJI Technologies announced on Tuesday that it will temporarily suspend business in both Russia and Ukraine. "DJI is internally reassessing compliance requirements in various jurisdictions. Pending the current review, DJI will temporarily suspend all business activities in Russia and Ukraine. We are engaging with customers, partners and other stakeholders regarding the temporary suspension of business operations in the affected territories," declared DJI in a canned statement.

The tables have turned with the NB65 hacking group modifying the leaked Conti ransomware to use in attacks on Russian entities. The Karakurt group handles data extortion tasks for the Conti operation when they are blocked from deploying their ransomware.

Despite being less active, which may suggest that the ransomware business is closer to moonlighting, OldGremlin has demanded ransoms as high as $3 million from one of its victims. Security researchers at Singapore-based cybersecurity company Group-IB say that this time OldGremlin impersonated a senior accountant at a Russian financial organization warning that the recent sanctions imposed on Russia would suspend the operations of the Visa and Mastercard payment processing systems.

While for the longest time open source software has been reliable, community-fuelled, and efficient in that it takes out the need to reinvent the wheel, the recurring cases of voluntary self-sabotage by maintainers have cast doubts on the overall reliability of the ecosystem. This marks the third major protest of 2022 by an open source developer leveraging his vastly used software to express opinions on a matter of public interest.