Security News

Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack
2024-01-10 19:43

A pro-Ukraine hacktivist group named 'Blackjack' has claimed a cyberattack against Russian provider of internet services M9com as a direct response to the attack against Kyivstar mobile operator. Kyivstar is Ukraine's largest telecommunications service provider and its services were severely disrupted in mid-December by what was later revealed to be an attack from Russian hackers.

Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months
2024-01-05 07:27

Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar's systems at least since May 2023. The...

Russian hackers wiped thousands of systems in KyivStar attack
2024-01-04 19:39

The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped almost all systems on the telecom operator's network. Following the incident, Kyivstar's CEO and the SSU suggested that Russian hackers may have been involved, given the ongoing conflict between Ukraine and Russia.

Russian military hackers target Ukraine with new MASEPIE malware
2023-12-28 17:43

Ukraine's Computer Emergency Response Team is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour. The links redirect victims to malicious web resources that employ JavaScript to drop a Windows shortcut file that launches PowerShell commands to trigger an infection chain for a new Python malware downloader called 'MASEPIE.'.

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies
2023-12-25 07:47

The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned...

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists
2023-12-21 12:10

The Solntsepek group has taken credit for the attack. They're linked to the Russian military, so it's unclear whether the attack was government directed or freelance.

Russian hackers target unpatched JetBrains TeamCity servers
2023-12-14 12:58

Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. As they noted, this time around, "The victim types do not fit into any sort of pattern or trend, aside from having an unpatched, Internet-reachable JetBrains TeamCity server."

Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
2023-12-14 10:32

Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been...

French police arrests Russian suspect linked to Hive ransomware
2023-12-13 20:25

French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. "New arrest in the Hive ransomware affair: after the international search in January to dismantle this network of hackers constituting a serious threat, the Judicial Police arrested in Paris an individual suspected of having laundered money from these cyber attacks," the French National Police said.

CISA: Russian hackers target TeamCity servers since September
2023-12-13 18:02

CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service has been targeting unpatched TeamCity servers in widespread attacks since September 2023. Security researchers at nonprofit internet security outfit Shadowserver Foundation are tracking almost 800 unpatched TeamCity servers that are vulnerable to attacks.