Security News

Russian military hackers target NATO fast reaction corps
2023-12-07 22:20

Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. The Russian hackers are also tracked as Fighting Ursa, Fancy Bear, and Sofacy, and they've been previously linked to Russia's Main Intelligence Directorate, the country's military intelligence service.

Russian pleads guilty to running crypto-exchange used by ransomware gangs
2023-12-07 17:09

Russian national Anatoly Legkodymov pleaded guilty to operating the Bitzlato cryptocurrency exchange that helped ransomware gangs and other cybercriminals launder over $700 million. As a Bitzlato co-founder and principal stakeholder, Legkodymov has agreed to disband the cryptocurrency exchange and relinquish any rights to approximately $23 million in seized assets, as outlined in the plea agreement.

UK and allies expose Russian FSB hacking group, sanction members
2023-12-07 16:38

The UK National Cyber Security Centre and Microsoft warn that the Russian state-backed actor "Callisto Group" is targeting organizations worldwide with spear-phishing campaigns used to steal account credentials and data. Today, the United Kingdom officially attributed attacks to Callisto that led to the leaking of UK-US trade documents, the 2018 hack of the UK think tank Institute for Statecraft, and more recently, the hack on StateCraft's founder Christopher Donnelly.

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
2023-12-05 14:45

Russian state-backed hacking group Forest Blizzard has been using a known Microsoft Outlook vulnerability to target public and private entities in Poland, Polish Cyber Command has warned. The attacks were further analyzed by Polish Cyber Command, who confirmed that the threat actors have been gaining access to email accounts within Microsoft Exchange servers and modifying folder permissions within the victim's mailbox.

Russian hackers exploiting Outlook bug to hijack Exchange accounts
2023-12-04 20:14

Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information. The tech giant also highlighted the exploitation of other vulnerabilities with publicly available exploits in the same attacks, including CVE-2023-38831 in WinRAR and CVE-2021-40444 in Windows MSHTML.

Russian Hacker Vladimir Dunaev Pleads Guilty for Creating TrickBot Malware
2023-12-02 07:52

A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40,...

US readies prison cell for another Russian Trickbot developer
2023-12-01 15:08

Another member of the Trickbot malware crew now faces a lengthy prison sentence amid US law enforcement's ongoing search for its leading members. Russian national Vladimir Dunaev, 40, faces a maximum sentence of 35 years in prison for his involvement in the now-shuttered Trickbot malware, which was often used to deploy ransomware.

Ukraine says it hacked Russian aviation agency, leaks data
2023-11-27 18:23

Ukraine's intelligence service, operating under the Defense Ministry, claims it hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for overseeing the civil aviation industry in Russia, keeping records of flight or emergency incidents.

Leader of pro-Russia DDoS crew Killnet unmasked by Russian state media
2023-11-27 11:02

Also: Qakbot on verge of permadeath, Australia can't deliver on ransom payment ban (yet), and Justin Sun's very bad month. Infosec in Brief: Cybercriminals working out of Russia go to great lengths...

Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
2023-11-23 14:46

A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts. The...