Security News
For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromising the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line. "As alleged in the indictment, these four defendants conspired to hack into the taxi dispatch system at JFK airport," said US Attorney Damian Williams in a statement.
The Russian APT28 hacking group has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021. The Russian hackers have been compromising peripheral devices on critical networks of French organizations and moving away from utilizing backdoors to evade detection.
Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations. Kaspersky first detected the campaign in June 2023, while in mid-August, the cybersecurity firm spotted a newer version of the backdoor that introduced better evasion, indicating ongoing optimization of the attacks.
Google's Threat Analysis Group, a team of security experts who defend Google users from state-sponsored attacks, has detected state hackers from several countries targeting the bug, including the Sandworm, APT28, and APT40 threat groups from Russia and China. In an early September attack, Russian Sandworm hackers delivered Rhadamanthys infostealer malware in phishing attacks using fake invitations to join a Ukrainian drone training school.
The agency states that the Russian hackers "Interfered" with the communication systems of 11 telcos in the country, leading to service interruptions and potential data breaches. Sandworm is a very active espionage threat group linked to Russia's GRU. The attackers have focused on Ukraine throughout 2023, using phishing lures, Android malware, and data-wipers.
Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from...
"Their primary objectives were to identify which evidence of Russian war crimes and exercise control over potential ground-deployed spies have our law enforcement teams," states the report [PDF], which was released on Monday. Intruders linked to Russia's Federal Security Service, Main Intelligence Directorate, and Foreign Intelligence Service also sought out material that could be used in criminal proceedings against Russian spies, other specific individuals, institutions, and organizations "Potentially leading to sanctions or other actions," the SSSCIP reports.
The Government of British Overseas Territory Bermuda has linked a cyberattack affecting all its departments' IT systems since Thursday to hackers based out of Russia. "The public is advised that the Government Is currently experiencing internet/email and phone service interruptions. All Departments are impacted," the Bermuda Government said.
A Russian national helped smuggle, via shell companies in Hong Kong, more than $1.6 million in microelectronics to Moscow potentially to support its war against Ukraine, it is claimed. "Probably more than obvious at this time, but the company and board have decided it is no longer right for us to sell or ship to Russian customers and risk that our displays will be used in devices that could put US or NATO forces in harm's way, or support Russia's unlawful invasion of Ukraine and its human rights abuse," a company exec said in an email to employees, which was quoted in the prosecution's court filings.
September 13th 2023 Hackers use new 3AM ransomware to save failed LockBit attack. A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network.