Security News

Russian national Dmitry Khoroshev is "LockBitSupp", the creator, developer and administator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies. In February 2024, the UK National Crime Agency took over LockBit's leak site and claimed to have infiltrated the group's network, obtained the LockBit platform's source code, as well as intelligence about its affiliates and victims.

A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken...

The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology systems used to disrupt critical infrastructure operations. Water plants use OT devices to manage water treatment, distribution, and pressure to provide a continuous and safe water supply.

For nearly four years and perhaps even longer, Forest Blizzard has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service. Dubbed GooseEgg, the tool is a launcher application that can spawn other applications with SYSTEM-level permissions, thus helping the hackers to perform remote code execution, install backdoors, steal credentials, and more.

Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team. The attacks occurred in March and in some cases the hackers were able to infiltrate the targeted network by poisoning the supply chain to deliver compromised or vulnerable software, or through the software provider's ability to access organization's systems for maintainance and technical suport.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. Sandworm - a.k.a. BlackEnergy, Seashell Blizzard, Voodoo Bear, has been active since at least 2009, with multiple governments attributing its operations to Unit 74455, the Main Centre for Special Technologies within the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, better known as the Main Intelligence Directorate.

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The U.S. Treasury Department's Office of Foreign Assets Control has sanctioned three cryptocurrency exchanges for working with OFAC-designated Russian dark web markets and banks. The first, Bitpapa IC FZC LLC, is a peer-to-peer virtual currency exchange that caters to Russian nationals and has facilitated millions of dollars in transactions with two OFAC-designated Russian entities, Hydra Market and Garantex.