Security News

America's military conducted offensive cyber operations to support Ukraine in its response to Russia's illegal invasion, US Cyber Command chief General Paul Nakasone has said. "The US brings to bear the formidable capabilities of Cyber Command against rogue nation states. Cyberspace is a new domain for warfare."

An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT and stealing their data. These sites offer malicious documents that install a custom RAT that supports remote command execution and file operations.

That's the opinion of Jeff Moss, founder of the Black Hat and DEF CON security conferences, who has also served as chief security officer at ICANN, is a member of the Council on Foreign Relations, and was asked to serve on the Obama administration's Homeland Security Advisory Council. Speaking at the Black Hat Asia conference in Singapore today, Moss said the world is currently divided into three "Teams" of nations with different approaches to internet governance.

The US and the European Union have officially blamed Russia for a series of destructive data-wiping malware infections in Ukrainian government and private-sector networks - and said they will "Take steps" to defend against and respond to Kremlin-orchestrated attacks. Beginning in January, and continuing after Russian troops illegally invaded Ukraine the following month, as Ukrainian websites were vandalized or pummeled offline in distributed denial-of-service attacks, Russian cyberspies planted malicious data-destroying code in Ukraine's computers.

The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine. One week after the attack, Viasat confirmed that the satellite modems hit in the cyberattack were wiped using AcidRain data destroying malware.

The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine. The attack targeted the KA-SAT consumer-oriented satellite broadband service operated by satellite communications provider Viasat.

Ukraine's Computer Emergency Response Team is warning of the mass distribution of Jester Stealer malware via phishing emails using warnings of impending chemical attacks to scare recipients into opening attachments. Ukrainians live under this constant fear, so these phishing emails pretend to be warnings of chemical attacks to ensure that recipients won't ignore their messages.

Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia. DDoS attacks are collective efforts to overwhelm servers with large volumes of garbage traffic and bogus requests, rendering them unable to serve legitimate visitors.

A growing number of threat actors are using the ongoing Russo-Ukrainian war as a lure in various phishing and malware campaigns, even as critical infrastructure entities continue to be heavily targeted. The findings follow disclosures that a China-linked government-sponsored threat actor known as Mustang Panda may have been targeting Russian government officials with an updated version of a remote access trojan called PlugX. Another set of phishing attacks involved APT28 hackers targeting Ukrainian users with a.NET malware that's capable of stealing cookies and passwords from Chrome, Edge and Firefox browsers.

At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. DesertBlade, also a data wiper, is said to have been launched against an unnamed broadcasting company in Ukraine on March 1.