Security News

Microsoft: Russia stepped up cyberattacks against Ukraine’s allies
2022-06-22 17:59

Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia's invasion. Since the start of the war, threat actors linked to several Russian intelligence services have attempted to breach entities in dozens of countries worldwide, prioritizing governments, according to Microsoft Threat Intelligence Center analysts.

Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware
2022-06-21 19:34

The Ukrainian Computer Emergency Response Team is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. The RTF document used in the APT28 campaign attempts to exploit CVE-2022-30190, aka "Follina," to download and launch the CredoMap malware on a target's device.

Russian hackers start targeting Ukraine with Follina exploits
2022-06-13 14:28

Ukraine's Computer Emergency Response Team is warning that the Russian hacking group Sandworm may be exploiting Follina, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool currently tracked as CVE-2022-30190. It is worth noting that Ukraine's agency assesses with medium confidence that behind the malicious activity is the Sandworm hacker group.

Russia, China, warn US its cyber support of Ukraine has consequences
2022-06-10 03:16

Russia and China have each warned the United States that the offensive cyber-ops it ran to support Ukraine were acts of aggression that invite reprisal. The US has acknowledged it assisted Ukraine to shore up its cyber defences, conducted information operations, and took offensive actions during Russia's illegal invasion.

Dark web sites selling alleged Western weapons sent to Ukraine
2022-06-09 12:30

Several weapon marketplaces on the dark web have listed military-grade firearms allegedly coming from Western countries that sent them to support the Ukrainian army in its fight against the Russian invaders. While the listings appear genuine and the offered weapons are priced realistically, the chances of them being created by pro-Russian actors for propaganda purposes are high.

Dark web sites selling Western weapons allegedly sent to Ukraine
2022-06-09 12:30

Several weapon marketplaces on the dark web have listed military-grade firearms allegedly coming from Western countries that sent them to support the Ukrainian army in its fight against the Russian invaders. While the listings appear genuine and the offered weapons are priced realistically, the chances of them being created by pro-Russian actors for propaganda purposes are high.

Ukraine's secret cyber-defense that blunts Russian attacks: excellent backups
2022-06-08 05:15

The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was "One of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare," according to Dmitri Alperovitch, a co-founder of CrowdStrike and chair of security-centric think tank Silverado Policy Accelerator. The two suggested that the primary purpose of the attack on satellite comms provider Viasat was to disrupt Ukrainian communications during the invasion, by wiping the modems' firmware remotely, it also disabled thousands of small-aperture terminals in Ukraine and across Europe.

US ran offensive cyber ops to support Ukraine, says general
2022-06-02 01:01

America's military conducted offensive cyber operations to support Ukraine in its response to Russia's illegal invasion, US Cyber Command chief General Paul Nakasone has said. "The US brings to bear the formidable capabilities of Cyber Command against rogue nation states. Cyberspace is a new domain for warfare."

Ukraine supporters in Germany targeted with PowerShell RAT malware
2022-05-16 18:05

An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT and stealing their data. These sites offer malicious documents that install a custom RAT that supports remote command execution and file operations.

Ukraine war a sorting hat for cyber-governance loyalties: Black Hat founder Jeff Moss
2022-05-12 04:59

That's the opinion of Jeff Moss, founder of the Black Hat and DEF CON security conferences, who has also served as chief security officer at ICANN, is a member of the Council on Foreign Relations, and was asked to serve on the Obama administration's Homeland Security Advisory Council. Speaking at the Black Hat Asia conference in Singapore today, Moss said the world is currently divided into three "Teams" of nations with different approaches to internet governance.