Security News
Four top global consultancies, all with big IT practices, have quit Russia. PwC on Sunday decided that Russia's invasion of Ukraine means it "Should not have a member firm in Russia and consequently PwC Russia will leave the network."
Cyber criminals and hacktivist groups are increasingly using the Telegram messaging app for their activities, as the Russia-Ukraine conflict enters its eighth day. A new analysis by Israeli cybersecurity company Check Point Research has found that "User volume grew a hundred folds daily on Telegram related groups, peaking at 200,000 per group."
The Russian government shared a list of 17,576 IP addresses allegedly used to launch distributed denial-of-service attacks targeting Russian organizations and their networks. "The National Coordinating Center for Computer Incidents in the context of massive computer attacks on Russian information resources recommends taking measures to counter threats to information security," the Russian government agency said in a notice.
Russia's invasion of Ukraine, and the possibility that the Kremlin may escalate its cyberespionage against the West after being heavily sanctioned, has convinced the US Senate to unanimously pass a bipartisan cybersecurity bill. The Strengthening American Cybersecurity Act of 2022, which now goes to the House, would put into law some of the regulations the Biden Administration and some members of Congress have been advocating for since the onslaught of high-profile ransomware attacks last year, including those on such companies as Colonial Pipeline and meat processor JBS Foods.
Russia has blocked access to the Facebook social network after Meta, Facebook's parent company, deactivated or restricted access to accounts belonging pr-Kremlin media outlets and news agencies, including RIA Novosti, Sputnik, and Russia Today. "On March 4, 2022, a decision was made to block access to the Facebook network in the Russian Federation," Roskomnadzor stated.
Russia has blocked access to the Facebook social network after Meta, Facebook's parent company, deactivated or restricted access to accounts belonging pr-Kremlin media outlets and news agencies, including RIA Novosti, Sputnik, and Russia Today. "On March 4, 2022, a decision was made to block access to the Facebook network in the Russian Federation," Roskomnadzor stated.
Threat actors are distributing malware using phishing themes related to the invasion of Ukraine, aiming to infect their targets with remote access trojans such as Agent Tesla and Remcos. It is common for malware distributors to take advantage of trending global events to trick the recipient into opening email attachments, and at this time, there is nothing more closely watched than Russia's invasion of Ukraine.
Microsoft announced it will stop all new sales of services and products in Russia in response to Russia's "Unjustified, unprovoked and unlawful invasion" of Ukraine. "We are announcing today that we will suspend all new sales of Microsoft products and services in Russia," Microsoft President and Vice-Chair Brad Smith said.
As the ongoing Russia-Ukraine conflict continues to escalate, the Russian government on Thursday released a massive list containing 17,576 IP addresses and 166 domains that it said are behind a series of distributed denial-of-service attacks aimed at its domestic infrastructure. As part of its recommendations to counter the DDoS attacks, the agency is urging organizations to ringfence network devices, enable logging, change passwords associated with key infrastructure elements, turn off automatic software updates, disable third-party plugins on websites, enforce data backups, and watch out phishing attacks.
Days after the Conti ransomware group broadcasted a pro-Russian message pledging its allegiance to Vladimir Putin's ongoing invasion of Ukraine, a disgruntled member of the cartel has leaked the syndicate's internal chats. The file dump, published by malware research group VX-Underground, is said to contain 13 months of chat logs between affiliates and administrators of the Russia-affiliated ransomware group from January 2021 to February 2022, in a move that's expected to offer unprecedented insight into the gang's workings.