Tag: russia
-
Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail… First seen on hackread.com Jump to article: hackread.com/russia-spypress-malware-exploits-webmails-spy-ukraine/
-
Cyberattack on a Clinic in Russia
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Global government webmail servers targeted by Russian cyberespionage operation
First seen on scworld.com Jump to article: www.scworld.com/brief/global-government-webmail-servers-targeted-by-russian-cyberespionage-operation
-
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-russia-cyber-espionage/
-
Key lawmaker says pause in offensive cyber operations against Russia lasted one day
Republican Rep. Don Bacon said that a pause in U.S. offensive cyber operations against Russia earlier this year lasted only one day as part of the Trump administration’s negotiations with the Kremlin on ending the war in Ukraine. First seen on therecord.media Jump to article: therecord.media/us-pause-offensive-cyber-operations-russia-lasted-one-day-rep-bacon-says
-
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack
Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories. First seen on therecord.media Jump to article: therecord.media/russia-hospital-shutdown-lecardo
-
Pro-Ukraine Group Targets Russian Developers with Python Backdoor
ReversingLabs discovers dbgpkg, a fake Python debugger that secretly backdoors systems to steal data. Researchers suspect a pro-Ukraine… First seen on hackread.com Jump to article: hackread.com/ukraine-group-russian-developers-python-backdoor/
-
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as >>Aels,
-
Operation RoundPress: Sednit Weaponizes XSS to Breach Global Webmail Servers
ESET researchers have exposed a covert cyberespionage campaign, dubbed Operation RoundPress, believed to be orchestrated by the Russia-aligned First seen on securityonline.info Jump to article: securityonline.info/operation-roundpress-sednit-weaponizes-xss-to-breach-global-webmail-servers/
-
After helping Russia on the ground North Korea targets Ukraine with cyberespionage
Tags: credentials, cyber, cyberespionage, email, government, hacker, identity, intelligence, korea, microsoft, north-korea, phishing, resilience, risk, russia, ukraine
Credential harvesting: Before the phishing emails, the same Ukrainian government entities were targeted with email alerts impersonating Microsoft and claiming unusual sign-in activity was detected on their accounts. The victims were asked to perform identity verification by clicking on a button, which took them to credential harvesting pages. The Proofpoint researchers didn’t manage to obtain any…
-
Google patches Chrome vulnerability used for account takeover and MFA bypass
How could this be exploited?: OAuth provides a way of giving access to something without the need for a password. It’s useful in multiple scenarios, for example, in single sign-on (SSO). Users might also encounter it when giving a contact access to a file or document in a cloud service such as Microsoft 365 without…
-
Breach Roundup: SAP NetWeaver Flaw Draws Hackers
Tags: breach, conference, credentials, flaw, hacker, ivanti, microsoft, north-korea, russia, sap, zero-day
Also, DOGE Employee’s Credentials Found in Infostealer Dumps. This week, SAP NetWeaver flaw drew hackers, zero-days in Ivanti EPMM, DOGE employee’s credentials found in infostealer dumps and Nucor halted operations. North Korean hackers targeted South Koreans with fake conference invites, Russian hackers targeted webmail servers and Microsoft fixed 72 flaws. First seen on govinfosecurity.com Jump…
-
Attack claimed by pro-Ukraine hackers reportedly erases a third of Russian court case archive
About a third of the case file archive of Pravosudiye, Russia’s national electronic court filing system, was deleted in a previously reported cyberattack, auditors said. First seen on therecord.media Jump to article: therecord.media/russia-court-system-hack-third-of-case-files-deleted
-
Kremlin-linked hackers target webmail servers of Eastern European government agencies
Russia-linked hackers known as APT28 mainly targeted entities in Ukraine, Bulgaria and Romania, but governments in Africa, South America and other parts of Europe were also affected. First seen on therecord.media Jump to article: therecord.media/kremlin-linked-hackers-target-webmail-eastern-europe-governments
-
Russian Hackers Exploit XSS Vulnerabilities to Inject Malicious Code into Email Servers
Tags: blizzard, cyber, cyberespionage, cybersecurity, email, exploit, group, hacker, malicious, russia, vulnerability, xss
A sophisticated cyberespionage campaign, dubbed Operation RoundPress, has been uncovered by cybersecurity researchers at ESET. Attributed with medium confidence to the Russian-linked Sednit group (also known as APT28, Fancy Bear, and Forest Blizzard), this operation targets high-value webmail servers using cross-site scripting (XSS) vulnerabilities. Active since at least 2004, Sednit has a notorious history, including alleged involvement…
-
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It has…
-
TA406 Hackers Target Government Entities to Steal Login Credentials
Tags: attack, credentials, cyber, government, hacker, intelligence, login, malware, north-korea, phishing, russia, threat, ukraine
The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni, has set its sights on Ukrainian government entities. Proofpoint researchers have uncovered a dual-pronged offensive involving both credential harvesting and malware deployment through highly targeted phishing campaigns. The likely objective of these attacks is to gather strategic intelligence on the Russian…
-
Russian internet shutdown that disrupted essential services condemned by rights groups
Russian authorities restricted mobile internet access from May 5 to May 9, citing security concerns related to the preparation and celebration of the Victory Day parade in Moscow. First seen on therecord.media Jump to article: therecord.media/russian-internet-shutdown-condemned-by-rights-groups
-
Russian military cadet reportedly arrested for selling hacking tool to FSB agent
A Russian military cadet reportedly developed an algorithm that could bypass the protective infrastructure of law enforcement software and gain access to restricted data. First seen on therecord.media Jump to article: therecord.media/russian-military-cadet-reportedly-arrested-for-selling-hacking-tool
-
Info leak hits Russian aviation center
First seen on scworld.com Jump to article: www.scworld.com/brief/info-leak-hits-russian-aviation-center
-
Four Hackers Caught Exploiting Old Routers as Proxy Servers
U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and Kazakhstani Dmitriy Rubtsov (38) face conspiracy and computer crime charges for allegedly profiting from botnets…
-
North Korean hackers target Ukrainian government in new espionage campaign
The latest wave of activity in Ukraine suggests that Pyongyang is seeking to “better understand the appetite to continue fighting against the Russian invasion” and “the medium-term outlook of the conflict,” according to the latest report by cybersecurity firm Proofpoint. First seen on therecord.media Jump to article: therecord.media/north-korea-hackers-target-ukraine-to-understand-russian-war-efforts
-
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress
Tags: apt, government, group, intelligence, korea, malware, north-korea, phishing, russia, threat, ukraine
The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor’s targeting beyond Russia. Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on the “trajectory of the Russian invasion.” “The group’s interest in Ukraine follows historical…
-
Russia’s ‘outsourced’ Bulgarian spy ring sentenced to more than 50 years in UK
Six Bulgarians tasked with spy operations in the U.K. on behalf of Russian intelligence each received multi-year prison sentences for their activities. First seen on therecord.media Jump to article: therecord.media/bulgarian-members-russian-spy-ring-sentenced-uk
-
Poland to shut Russian consulate after blaming Kremlin spies for arson attack on Warsaw mall
“We will catch them all!” said Polish Prime Minister Donald Tusk as the country’s government moved to close a Russian consulate after accusing Kremlin-backed operators of being behind a Warsaw mall fire. First seen on therecord.media Jump to article: therecord.media/poland-shuts-russian-consolate-blames-kremlin-warsaw-fire
-
Russian FSB Hackers Deploy New Lostkeys Malware
Malware Targets Western Officials, NGOs and Journalists. Russian cyber espionage hackers are using a new malware strain dubbed Lostkeys in a targeted espionage campaign aimed at Western officials, NGOs and journalists. Google researchers attribute Lostkeys to the threat group Coldriver, an operational unit within the Federal Security Service. First seen on govinfosecurity.com Jump to article:…

