Security News
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or...
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that...
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to "Enable unauthorized access to compromised devices, scan files, monitor traffic, and periodically steal sensitive information."
Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, more commonly known as the GRU, have been targeting Android devices in Ukraine with a new malicious framework named 'Infamous Chisel. The malware was first highlighted in a warning from the Ukrainian Security Service earlier this month about efforts from the Sandworm hacking group to penetrate military command systems.
The defense sector in Ukraine and Eastern Europe has been targeted by a novel. NET-based backdoor called DeliveryCheck that's capable of delivering next-stage payloads.
The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from 2006 to 2011. "The operation has been carried out by investigators from the General Information Police Station in coordination with the Provincial Information Brigades of Tenerife and Barcelona and with the El Prat Airport Police Station," a Spanish National Police press release published on Saturday reads.
A threat group tracked as APT28 and linked to Russia's General Staff Main Intelligence Directorate has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities. In these attacks, the cyber-espionage group leveraged news about the ongoing conflict between Russia and Ukraine to trick recipients into opening malicious emails that would exploit Roundcube Webmail vulnerabilities to hack into unpatched servers.
Microsoft linked Cadet Blizzard to Russia's GRU military intelligence unit. "Cadet Blizzard seeks to conduct disruption, destruction, and information collection, using whatever means are available and sometimes acting in a haphazard fashion," they wrote.
The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec said in a new report shared with The Hacker News.
Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening. Among other things, Moscow-based Infotel provides connectivity services between the Russian Central Bank and other Russian banks, online stores, and credit institutions.