Security News

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat that's attributed to Russia's Federal Security Service.

A state-sponsored hacking group with links to Russia has been linked to attack infrastructure that spoofs the Microsoft login page of Global Ordnance, a legitimate U.S.-based military weapons and hardware supplier. The cybersecurity firm said it discovered 38 domains, nine of which contained references to companies like UMO Poland, Sangrail LTD, DTGruelle, Blue Sky Network, the Commission for International Justice and Accountability, and the Russian Ministry of Internal Affairs.

Where's the Night's Watch when you need them? Microsoft has warned Europe to be on alert for cyber attacks from Russia this winter, just as a series of attacks hit Russian organizations –...

Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The Trojan corrupts any data that's not vital for the functioning of the operating system.

Microsoft has warned of Russian-sponsored cyberattacks continuing to target Ukrainian infrastructure and NATO allies in Europe throughout the winter. Redmond said in a report published over the weekend that it observed a pattern of targeted attacks on infrastructure in Ukraine by the Russian military intelligence threat group Sandworm in association with missile strikes.

A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices and courts. "The activity of CryWiper once again shows that the payment of the ransom does not guarantee the recovery of files," the researchers said, stating the malware "Deliberately destroys the contents of files."

A previously undocumented data wiper named CryWiper is masquerading as ransomware, but in reality, destroys data beyond recovery in attacks against Russian mayor's offices and courts. "In the fall of 2022, our solutions detected attempts by a previously unknown Trojan, which we named CryWiper, to attack an organization's network in the Russian Federation," explains the new report by Kaspersky.

A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery. CryWiper was first discovered by Kaspersky this fall, seen in attacks against organizations in the Russian Federation.

New ransomware attacks targeting organizations in Ukraine first detected this Monday have been linked to the notorious Russian military threat group Sandworm. "There are similarities with previous attacks conducted by Sandworm: a PowerShell script used to distribute the.NET ransomware from the domain controller is almost identical to the one seen last April during the Industroyer2 attacks against the energy sector."

The website of the European Parliament has been taken down following a DDoS attack claimed by a pro-Russia group of hacktivists calling themselves Anonymous Russia. The Director General for Communication and Spokesperson of the European Parliament, Jaume Dauch, also stated after the website went down that the outage was caused by an ongoing DDoS attack.