Security News

The U.K. National Cyber Security Centre has issued a warning of Russian and Iranian state-sponsored hackers increasingly targeting organizations and individuals. More specifically, the country's cybersecurity agency has identified a spike in spear-phishing attacks attributed to threat actors tracked as SEABORGIUM and TA453.

The Computer Emergency Response Team of Ukraine has linked a destructive malware attack targeting the country's National News Agency of Ukraine to Sandworm Russian military hackers. "According to preliminary data, provided by CERT-UA specialists, the attack have caused certain destructive effects on the agency's information infrastructure, but the threat has been swiftly localized nonetheless," the State Service of Special Communications and Information Protection of Ukraine said.

Groups tied to the Russian intelligence services will also continue to target geographic neighbors with disinformation campaigns, intelligence gathering, and possibly low-level disruptive attacks. Traditional espionage targets will continue to be a focus; for example, we saw evidence in August 2022 of Russian intelligence services using spear phishing emails to target staff at the Argonne and Brookhaven national laboratories in the US, which conduct cutting edge energy research.

The security shop's research team said it has already seen Russian cybercriminals on underground forums discussing OpenAI workarounds so that they can bring ChatGPT to the dark side. We'd have thought ChatGPT would be most useful for coming up with emails and other messages to send people to trick them into handing over their usernames and passwords, but what do we know? Some crooks may find the AI model helpful in offering malicious code and techniques to deploy.

People in Russia can reportedly once again download drivers and some other software from Intel and Microsoft, which both withdrew from the nation after its invasion of Ukraine. The situation, we're assured, is this: while Intel's website generally remains closed to netizens visiting from Russia, if those people can reach Intel's download portal from a search engine or some other place, they can now, once again, use that site even if they are in the land of Putin.

Russian disinformation didn't materially affect the way people voted in the 2016 US presidential election, according to a research study published on Monday, though that doesn't make the effect totally inconsequential. Boffins from New York University, University of Copenhagen, Trinity College Dublin, and Technical University of Munich analyzed more than 700,000 social media posts in April and in October 2016 from Twitter accounts associated with the Internet Research Agency, a Russian influence operation.

The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deliver its own reconnaissance and backdoor tools to targets in Ukraine. Google-owned Mandiant, which is tracking the operation under the uncategorized cluster moniker UNC4210, said the hijacked servers correspond to a variant of a commodity malware called ANDROMEDA that was uploaded to VirusTotal in 2013.

Two U.S. citizens were arrested for allegedly conspiring with Russian hackers to hack the John F. Kennedy International Airport taxi dispatch system to move specific taxis to the front of the queue in exchange for a $10 fee. The taxi dispatch system is a computer-controlled system that ensures that taxis are dispatched from the airport's holding lot to pick up the next available fare at the appropriate terminal.

"You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air," said Alperovitch. "That doesn't pose too much difficulty for the Ukrainian security services."

Two men have been charged for allegedly conspiring with Russian hackers to manipulate the taxi dispatch system at New York's John F. Kennedy International Airport. Daniel Abayev, 48, and Peter Leyman, 48, are accused of altering the JFK taxi dispatch system to advance selected taxis to the front of the taxi queue in exchange for a $10 payment, according to a federal indictment [PDF] made public on Tuesday.