Security News

The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed...

Today's edition of the week-long LockBit leaks reveals a father-son duo was apprehended in Ukraine as part of the series of takedown-related arrests this week. The National Police of Ukraine confirmed the relationship of the pair after they were arrested at the request of the French government.

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The...

A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was...

Supported by the National Police of Ukraine, Europol arrested a 29-year-old, whose identity is being withheld, this week in Mykolaiv, Ukraine. An unnamed cloud provider worked with Europol et al to bring the crook into custody - an effort that also saw three properties raided as authorities built up their portfolio of evidence against them.

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called...

The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, military intelligence officers breached Russia's federal taxation service central servers and 2,300 regional servers across Russia and occupied Ukrainian territories.

Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations. More than 20 investigators from Norway, France, Germany and the United States were deployed to Kyiv to assist the Ukrainian National Police with their investigative measures.

Russia-backed ATP group Sandworm is behind the cyberattack that caused disruption of parts of the Ukrainian power grid in late 2022, according to Mandiant. In this particular "Multi-event cyber attack" described by Mandiant, they used living off the land techniques to target OT systems and trigger a power outage, which happened simultaneously with missile strikes on Ukrainian critical infrastructure.

Blackouts in Ukraine last year were not just caused by missile strikes on the nation but also by a seemingly coordinated cyberattack on one of its power plants. That's according to Mandiant's threat intel team, which said Russia's Sandworm crew was behind the two-pronged power-outage and data-wiping attack.