Security News

The FBI and cybersecurity agencies in Canada and the Netherlands say they have taken down an almost 1,000-strong Twitter bot farm set up by Russian state-run RT News that used generative AI to spread disinformation to Americans and others. The international crime busters seized two web domains and 968 X accounts that were integral parts of the bot farm, the US Department of Justice said in a statement Tuesday.

Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in a joint international law enforcement...

A previously undocumented advanced persistent threat group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control and data exfiltration. "It's a sophisticated cyber espionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure," the Russian security vendor said.

A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks. [...]

Apple removed a number of virtual private network apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona.

RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week. TeamViewer says they believe their internal corporate network, not their production environment, was breached on Wednesday, June 26, using an employee's credentials.

The U.S. indicted Russian national Amin Timovich Stigal for his alleged role in cyberattacks targeting Ukrainian government computer networks in an operation from the Russian foreign military intelligence agency prior to invading the country. The announcement from the Department of Justice says that in January 2022 Stigal and members of the GRU used a U.S.-based company to distribute the WhisperGate pseudo-ransomware to systems at dozens of Ukrainian government entities to destroy data.

A 22-year-old Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against Ukraine and its allies in the days leading to Russia's full-blown...

Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes...

The Treasury Department's Office of Foreign Assets Control has sanctioned twelve Kaspersky Lab executives for operating in the technology sector of Russia. These sanctions came after the Biden administration announced yesterday the ban of sales and software updates for Kaspersky antivirus software in the USA, which started in July, over potential cybersecurity risks to national security.