Security News

Updated The offensive cyber unit linked to Russia's Foreign Intelligence Service is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn. The exploit in TeamCity could give attackers enough access to manipulate a software's source code, sign certificates, and compile and deploy processes, the advisory says.

The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, military intelligence officers breached Russia's federal taxation service central servers and 2,300 regional servers across Russia and occupied Ukrainian territories.

A Belgian man has been arrested and charged for his role in a years-long smuggling scheme to export military-grade electronics from the US to Russia and China. Belgian law enforcement detained Hans Maria De Geetere, 61, and five others for questioning on December 5.

The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These...

The government of the United Kingdom has issued a strongly worded denial of a report that the Sellafield nuclear complex has been compromised by malware for years. The report, appearing in The Guardian, claimed that the controversial complex was hacked by "Cyber groups closely linked to Russia and China," with the infection detected in 2015 but perhaps present before that year.

Also: Qakbot on verge of permadeath, Australia can't deliver on ransom payment ban (yet), and Justin Sun's very bad month Infosec in Brief Cybercriminals working out of Russia go to great lengths...

Blackouts in Ukraine last year were not just caused by missile strikes on the nation but also by a seemingly coordinated cyberattack on one of its power plants. That's according to Mandiant's threat intel team, which said Russia's Sandworm crew was behind the two-pronged power-outage and data-wiping attack.

And that includes ransomware crims, claims US of alleged sanctions-buster A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her...

The Winter Vivern cyber spy group is exploiting an XSS zero-day vulnerability in attacks on European governments. Researchers at ESET, who discovered the activity, didn't name the specific government entities it targeted but given Winter Vivern's nexus to Russia and Belarus, they are likely to be adversaries of those countries.

Dalke, 31, admitted that he transmitted excerpts from three classified documents, and sent four in their entirety, to an FBI online covert employee, all of which contained national defense information determined [PDF] to be classified top secret. A former US Army soldier, Dalke was employed at the NSA as an information security systems designer for less than a month, and resigned after the NSA denied his request for extended leave to take care of a sick family member.