Security News

Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. One of the prominent campaigns undertaken by the group in June 2022 entailed the abuse of Follina vulnerability in the Windows operating system to deploy CrescentImp and Cobalt Strike Beacons on to targeted hosts in media and critical infrastructure entities.

Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations. Google TAG says its attribution is based on multiple overlaps between UAC-0098, Trickbot, and the Conti cybercrime group.

Google says some former Conti ransomware gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations. Google TAG says its attribution is based on multiple overlaps between UAC-0098, Trickbot, and the Conti cybercrime group.

The National Police of Ukraine took down a network of call centers used by a cybercrime group focused on financial scams and targeting victims of cryptocurrency scams under the guise of helping them recover their stolen funds. The fraudsters behind these illegal call centers were also allegedly involved in scamming citizens of Ukraine and European Union countries interested in cryptocurrency, securities, gold, and oil investments.

Threat analysts monitoring cyberattacks on Ukraine report that the operations of the notorious Russian state-backed hacking group 'Gamaredon' continue to heavily target the war-torn country. Gamaredon is a group of Russian hackers believed to be part of the 18th Center of Information Security of the FSB, Russia's Federal Security Service.

Russia's Shuckworm cyber group launching ongoing attacks on Ukraine. The Russia-linked cyber group Shuckworm is continuing to target Ukrainian organizations with infostealing malware.

Online attacks against Ukraine were a common tactic in the leadup to Russia's invasion of the country in late February he said. James Kettle, director of research at PortSwigger, demonstrated a new method of HTTP request smuggling at Black Hat that allowed him to compromise Apache servers, break into Akamai and Amazon, and compromise multiple web VPNs. The trick lies in browser-powered desync attacks, which get around limitations of traditional methods that only allow them to work on websites that use a front-end/back-end architecture.

A new hacker forum is taking a unique political stance to support Ukraine in its war with Russia, entertaining only topics and threat activity focused against Russia and Belarus, researchers have found. A closer look at the forum revealed its unique ideology to take a firm political stance to support Ukraine as it defends itself against Russia's invasion, "The only forum we're aware of that is taking such a stance," researchers wrote.

The Ukrainian cyber police has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks. The messages spread by the bots were in line with Russian propaganda, so the operators of the disinformation machine are believed to be members of the Russian special services.

US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months. In an alert this week, the Pentagon's cyberspace wing made public indicators of compromise associated with various malware strains that were found in Ukrainian networks by the country's security service.