Security News

Ukraine claims it hacked Russian Ministry of Defense servers
2024-03-04 15:41

The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense and stole sensitive documents. Software used by the Russian Ministry of Defense for protecting and encrypting data.

Russian hackers hijack Ubiquiti routers to launch stealthy attacks
2024-02-27 17:25

Russian military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners. APT28 is a notorious Russian hacking group found to be responsible for several high-profile cyber attacks since they first began operating.

Russian hackers shift to cloud attacks, US and allies warn
2024-02-26 17:31

Members of the Five Eyes intelligence alliance warned today that APT29 Russian Foreign Intelligence Service hackers are now switching to attacks targeting their victims' cloud services. The Russian cyberspies also compromised Microsoft 365 accounts belonging to various entities within NATO nations to obtain foreign policy-related data and targeted governments, embassies, and senior officials throughout Europe associated in a string of phishing attacks.

Russian Government Software Backdoored to Deploy Konni RAT Malware
2024-02-22 10:43

An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog)....

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
2024-02-21 06:01

Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to...

Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws
2024-02-19 05:05

Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in...

U.S. authorities disrupt Russian intelligence’s botnet
2024-02-16 10:54

In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. The Department's court-authorized operation leveraged the Moobot malware to copy and delete stolen and malicious data and files from compromised routers.

Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers
2024-02-15 21:11

The US government today said it disrupted a botnet that Russia's GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets. Then the GRU spying team used Moobot to install their own bespoke scripts and files that repurposed the botnet, thus "Turning it into a global cyber espionage platform," according to the Feds.

Pentagon launches nuke-spotting satellites amid Russian space bomb rumors
2024-02-15 20:12

Last night's launch of six Pentagon missile-detection satellites was well timed as fears mount that Russia is considering putting nuclear weapons into space. The US Department of Defense confirmed its payload included two satellites for the Missile Defense Agency's Hypersonic and Ballistic Tracking Space Sensor, and the final four Tranche 0 satellites for the Space Development Agency's Proliferated Warfighter Space Architecture communications constellation.

FBI disrupts Russian Moobot botnet infecting Ubiquiti routers
2024-02-15 18:00

The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks. This network of hundreds of Ubiquiti Edge OS routers infected with Moobot malware was controlled by GRU Military Unit 26165, also tracked as APT28, Fancy Bear, and Sednit.