Security News

Claims to have taken down two colossal networks, with 'Secondary Infektion' schooling 'Spamouflage' Russia appears to be "better" at running online trolling campaigns aimed at pushing its...

Dubbed Telekopye, a portmanteau of Telegram and kopye, the toolkit functions as an automated means to create a phishing web page from a premade template and send the URL to potential victims, codenamed Mammoths by the criminals. The attack chains proceed thus: Neanderthals find their Mammoths and try to build rapport with them, before sending a bogus link created using the Telekopye phishing kit via email, SMS, or a direct message.

An infamous Kremlin-backed gang has been using Microsoft Teams chats in attempts to phish marks in governments, NGOs, and IT businesses, according to the Windows giant. In its latest crime spree, a crew that Microsoft Threat Intelligence now tracks as Midnight Blizzard uses previously compromised Microsoft 365 tenants to create domains that masquerade as organizations offering tech support.

The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. Targets comprise government agencies, educational institutions, private security companies, aerospace manufacturers, agricultural producers, defense, energy, and healthcare firms in Russia and Serbia.

Sachkov faces 14-year stretch after 'unreasonably rushed trial' A Russian court has sentenced Ilya Sachkov, the founder of security research house Group-IB, to 14 years in a maximum-security...

The project was launched by a pro-Russian hacktivist group known as "NoName057(16)" last summer, quickly reaching 400 active members and 13,000 users on its Telegram channel. In a new report released today, Sekoia analysts say that the DDoSia platform has grown significantly over the year, reaching 10,000 active members contributing firepower to the project's DDoS attacks and 45,000 subscribers on its main Telegram channel.

A Russian network security specialist and former editor of Hacker magazine who is wanted by the US and Russia on cybercrime charges has been detained in Kazakhstan as the two governments seek his extradition. Maybe the second part wasn't such a good idea after all - an update to the statement notes that Kislitsin is also wanted by Russia.

Microsoft linked Cadet Blizzard to Russia's GRU military intelligence unit. "Cadet Blizzard seeks to conduct disruption, destruction, and information collection, using whatever means are available and sometimes acting in a haphazard fashion," they wrote.

The US Department of Energy and other federal bodies are among a growing list of organizations hit by Russians exploiting the MOVEit file-transfer vulnerability. Many orgs, including the US government, have been hit via this flaw, with Clop blamed for this mass exploitation.

The war has been described as the first to deploy significant - if largely immeasurable - levels of cyber operations by the belligerent parties. Despite the disparity in state size and military might, it's a contest in which both sides appear almost equally matched in terms of human and cyber resources; neither side, it seems, has established cyber dominance - yet.