Security News

Finish newspaper Helsinin Sanomat has created a custom Counter-Strike: Global Offensive map explicitly made to bypass Russian news censorship and smuggle information about the war in Ukraine to Russian players. Starting in March 2022, following its invasion of Ukraine, Russia began blocking international news outlets to implement tighter controls over what news reaches the Russian audience regarding the ongoing war.

The Kremlin-backed threat group APT28 is flooding Ukrainian government agencies with email messages about bogus Windows updates in the hope of dropping malware that will exfiltrate system data. Executing the command simulates a Windows update but actually downloads and executes a PowerShell script that collects basic system information about using such commands as "Tasklist" and "Systeminfo".

Eurocontrol confirmed on Friday its website has been "Under attack" since April 19, and said "Pro-Russian hackers" had claimed responsibility for the disruption. "The attack is causing interruptions to the website and web availability," a spokesperson told The Register.

The UN Cybercrime Treaty, to the extent it gets adopted, is expected to define global norms for lawful surveillance and legal processes available to investigate and prosecute cybercriminals. What concerns Rodriguez and other representatives of advocacy groups at the briefing is that the treaty negotiators will compromise on surveillance, privacy, and human rights.

The Federal Security Service of the Russian Federation has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. The agency says it has taken timely measures to prevent these attacks from causing any negative consequences to Russia.

The Russia-linked APT29 threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. Nobelium's operations have been attributed to Russia's Foreign Intelligence Service, an organization that's tasked with protecting "Individuals, society, and the state from foreign threats."

The pro-Russia hacker group NoName057(16) reportedly claimed it was behind Denial of Service attacks against the Finnish parliament's website on Tuesday, the day the country joined NATO. The country's Technical Research Centre of Finland was also hacked, according to Finnish news site, YLE. NoName057(16) is the same group that took responsibility for a distributed denial of service attack, taking down the website for the country's parliament last August, and who also attacked Ukraine, the U.S., Poland and other European countries. In a new study, Unveiling the New Threat Landscape, NetScout said that the U.S. national security sector experienced a 16,815% increase in DDoS attacks in the second half of 2022, many related to Killnet.

Register Kettle Lately, we've learned of Russia's stockpile of cyber-weapons, and we're genuinely wondering if anyone's surprised by these revelations. Those documents included evidence of Western snoops overstepping legal boundaries.

A cyber spy gang supporting Russia is targeting US elected officials and their staffers, in addition to European lawmakers, using unpatched Zimbra Collaboration software in two campaigns spotted by Proofpoint. At the time, the criminals were targeting government agencies in Azerbaijan, Cyprus, India, Italy, Lithuania, Ukraine, and the Vatican.

Russia's Rostec has reportedly bought a platform that allows it to uncover the identities of anonymous Telegram users, likely to be used to tamp down on unfavorable news out of the country. The organization, which has an active role in monitoring the circulation of information within the country, is particularly interested in the identity of Telegram channel administrators who are critical of the Russian state.