Security News

The Russian government shared a list of 17,576 IP addresses allegedly used to launch distributed denial-of-service attacks targeting Russian organizations and their networks. "The National Coordinating Center for Computer Incidents in the context of massive computer attacks on Russian information resources recommends taking measures to counter threats to information security," the Russian government agency said in a notice.

Russia's invasion of Ukraine, and the possibility that the Kremlin may escalate its cyberespionage against the West after being heavily sanctioned, has convinced the US Senate to unanimously pass a bipartisan cybersecurity bill. The Strengthening American Cybersecurity Act of 2022, which now goes to the House, would put into law some of the regulations the Biden Administration and some members of Congress have been advocating for since the onslaught of high-profile ransomware attacks last year, including those on such companies as Colonial Pipeline and meat processor JBS Foods.

Russia has blocked access to the Facebook social network after Meta, Facebook's parent company, deactivated or restricted access to accounts belonging pr-Kremlin media outlets and news agencies, including RIA Novosti, Sputnik, and Russia Today. "On March 4, 2022, a decision was made to block access to the Facebook network in the Russian Federation," Roskomnadzor stated.

Russia has blocked access to the Facebook social network after Meta, Facebook's parent company, deactivated or restricted access to accounts belonging pr-Kremlin media outlets and news agencies, including RIA Novosti, Sputnik, and Russia Today. "On March 4, 2022, a decision was made to block access to the Facebook network in the Russian Federation," Roskomnadzor stated.

Threat actors are distributing malware using phishing themes related to the invasion of Ukraine, aiming to infect their targets with remote access trojans such as Agent Tesla and Remcos. It is common for malware distributors to take advantage of trending global events to trick the recipient into opening email attachments, and at this time, there is nothing more closely watched than Russia's invasion of Ukraine.

Microsoft announced it will stop all new sales of services and products in Russia in response to Russia's "Unjustified, unprovoked and unlawful invasion" of Ukraine. "We are announcing today that we will suspend all new sales of Microsoft products and services in Russia," Microsoft President and Vice-Chair Brad Smith said.

As the ongoing Russia-Ukraine conflict continues to escalate, the Russian government on Thursday released a massive list containing 17,576 IP addresses and 166 domains that it said are behind a series of distributed denial-of-service attacks aimed at its domestic infrastructure. As part of its recommendations to counter the DDoS attacks, the agency is urging organizations to ringfence network devices, enable logging, change passwords associated with key infrastructure elements, turn off automatic software updates, disable third-party plugins on websites, enforce data backups, and watch out phishing attacks.

Days after the Conti ransomware group broadcasted a pro-Russian message pledging its allegiance to Vladimir Putin's ongoing invasion of Ukraine, a disgruntled member of the cartel has leaked the syndicate's internal chats. The file dump, published by malware research group VX-Underground, is said to contain 13 months of chat logs between affiliates and administrators of the Russia-affiliated ransomware group from January 2021 to February 2022, in a move that's expected to offer unprecedented insight into the gang's workings.

Roskomnadzor, Russia's telecommunications watchdog, asked Google to stop advertising campaigns spreading misinformation about Russia's invasion of Ukraine on YouTube videos. "Roskomnadzor sent a letter to Google LLC with a demand to immediately stop disseminating false information of a political nature about the special operation of the Russian Armed Forces in Ukraine on the territory of Russia," the internet watchdog explained.

The Ukrainian government attributed the activities to a threat actor tracked as UNC1151, a Minsk-based group whose "Members are officers of the Ministry of Defence of the Republic of Belarus." In a follow-up update, the agency said the nation-state group also targets its own citizens, while simultaneously setting its sights on Russian entities -. The development follows a barrage of data wiper and distributed-denial-of-service attacks against Ukrainian government agencies, even as various hacking groups and ransomware syndicates are capitalizing on the chaos to take sides and further their activities.