Security News

Hacked WordPress sites force visitors to DDoS Ukrainian targets
2022-03-28 21:55

Hackers are compromising WordPress sites to insert a malicious script that uses visitors' browsers to perform distributed denial-of-service attacks on Ukrainian websites. Today, MalwareHunterTeam discovered a WordPress site compromised to use this script, targeting ten websites with Distributed Denial of Service attacks.

Facebook removes deepfake of Ukrainian President Zelenskyy
2022-03-16 21:34

Facebook has removed a deepfake video of Ukrainian President Volodymyr Zelenskyy spreading across the social network and the Internet, asking Ukrainian troops lay down their arms and surrender. "Earlier today, our teams identified and removed a deepfake video claiming to show President Zelensky issuing a statement he never did," said Nathaniel Gleicher, the head of security policy at Meta, Facebook's parent company.

HackerOne apologizes to Ukrainian hackers for mistakenly blocking payouts
2022-03-15 22:35

Today, Chris Evans, the CISO of bug bounty platform HackerOne, apologized to Ukrainian hackers after erroneously blocking their bug bounty payouts following sanctions imposed on Russia and Belarus after Ukraine's invasion. "Due to current economic sanctions and export controls, if you are based in Ukraine, Russia, or Belarus all communications and transactions have been paused for the time being," an email received by Ukrainian hackers from HackerOne read. The decision to freeze accounts for Ukrainians on the bug bounty platforms was also shared by HackerOne CEO Mårten Mickos via a now-deleted tweet saying that the company would re-route all rewards to UNICEF for all hackers from sanctioned areas.

CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks
2022-03-15 20:12

Two weeks after details emerged about a second data wiper strain delivered in attacks against Ukraine, yet another destructive malware has been detected amid Russia's continuing military invasion of the country. Slovak cybersecurity company ESET dubbed the third wiper "CaddyWiper," which it said it first observed on March 14 around 9:38 a.m. UTC. Metadata associated with the executable shows that the malware was compiled at 7:19 a.m. UTC, a little over two hours prior to its deployment.

Cybercriminals are targeting Ukrainian sympathizers, what can you do to remain safe?
2022-03-15 18:42

Cybercriminals are targeting Ukrainian sympathizers, what can you do to remain safe? Cisco Talos published findings March 12 detailing a number of malware items being disguised as offensive cyber tools against Russian entities, when in actuality, the virus is designed to infect users who download the software.

New CaddyWiper data wiping malware hits Ukrainian networks
2022-03-14 19:06

Newly discovered data-destroying malware was observed earlier today in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. "This new malware erases user data and partition information from attached drives," ESET Research Labs explained.

Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
2022-03-11 04:44

A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia's invasion of Ukraine. Google's Threat Analysis Group said it took down two Blogspot domains that were used by the nation-state group FancyBear - which is attributed to Russia's GRU military intelligence - as a landing page for its social engineering attacks.

Ukrainian Hacker Linked to REvil Ransomware Attacks Extradited to United States
2022-03-10 19:01

Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July. The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department to file charges of conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering.

Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts
2022-03-08 05:47

Ukraine's Computer Emergency Response Team warned of new phishing attacks aimed at its citizens by leveraging compromised email accounts belonging to three different Indian entities with the goal of compromising their inboxes and stealing sensitive information. "In this way, they gain access to the email inboxes of Ukrainian citizens."

MacPaw’s ClearVPN enables secure connectivity, helps in supporting Ukrainian resistance
2022-03-05 00:10

MacPaw's ClearVPN enables secure connectivity, helps in supporting Ukrainian resistance. MacPaw's ClearVPN application not only assists in securely accessing content, enabling encrypted connections and securing online traffic and transactions, but with a recent update the VPN utility now also simplifies supporting Ukraine resistance efforts.