Security News
As the Russian invasion of Ukraine continues, the latter's government is reportedly seeking cybersecurity volunteers to help defend itself. The Russian National Coordination Center for Computer Incidents has issued an advisory warning of "The threat of an increase in the intensity of computer attacks on Russian information resources."
What sort of attacks should U.S. businesses expect? Kanry said we don't need to look back very far to see an example of the potential havoc state-sponsored cyberattacks can inflict: The Colonial Pipeline attack.
The Computer Emergency Response Team of Ukraine warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. The phishing emails are being sent from two domains, the former trying to impersonate the i.ua free Internet portal providing email services to Ukrainians since 2008.
The Computer Emergency Response Team of Ukraine warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. The phishing emails are being sent from two domains, the former trying to impersonate the i.ua free Internet portal providing email services to Ukrainians since 2008.
Russia's invasion of Ukraine has cleared the way for a new battlefront with the West in cyberspace, with experts warning of an escalation in cyberwarfare. "We expect to see that probably beyond just Ukraine, disinformation to target Western audiences, cyberespionage against key NATO members, as Russia tries to understand the next moves when it comes to sanctions or other steps that Western governments will play," Luke McNamara, principal analyst at cybersecurity consulting firm Mandiant, told The Register.
The new data wiper malware deployed on Ukrainian networks in destructive attacks on Wednesday right before Russia invaded Ukraine earlier today was, in some cases, accompanied by a GoLang-based ransomware decoy. "In several attacks Symantec has investigated to date, ransomware was also deployed against affected organizations at the same time as the wiper. As with the wiper, scheduled tasks were used to deploy the ransomware," Symantec revealed today.
Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country. The Slovak company dubbed the wiper "HermeticWiper", with one of the malware samples compiled on December 28, 2021, implying that preparations for the attacks may have been underway for nearly two months.
Renewed DDoS attacks have been launched against websites Ukrainian government agencies and banks. New data wiper malware has been discovered on Ukrainian computers, as well as machines in Latvia and Lithuania.
Hundreds of computers in Ukraine have been infected with data-wiping Windows malware, say researchers at ESET. In a series of tweets on Wednesday, the infosec biz said it picked up its first sample of the software nasty at about 1500 UTC, and believes the code has been in the works for the past two months. The malware uses drivers from a partitioning program to corrupt storage devices and destroy files on infected systems, according to ESET. It's not entirely clear right now how the malware is dropped onto victims' machines and run, though in one case, said ESET, an organization's Active Directory server was probably compromised to distribute the wiper through the network via a group policy object.
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine. A data wiper is malware that intentionally destroys data on a device to make the data unrecoverable and for the operating system to no longer work correctly.