Tag: russia
-
Poisoned Windows shortcuts found to be a favorite of Chinese, Russian, N. Korean state hackers
The Zero Day Initiative measured the prevalence of manipulated Windows shortcut files in campaigns attributed to nation-state hacking groups, finding at least 11 exploited a bug that allows malicious use of the files. First seen on therecord.media Jump to article: therecord.media/windows-lnk-files-nation-state-hacking-campaigns
-
UK Official Says Russian Disinfo Blocked in 2024 Election
Doppelganger Unsuccessfully Attempted to Distort Election, UK Minister Said. A Russian government-directed foreign influence campaign unsuccessfully attempted to disrupt the 2024 U.K. elections, a British security minister told a parliamentary committee. The government identified disinformation networks linked to a Russian influence campaign widely tracked as Doppelganger. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-official-says-russian-disinfo-blocked-in-2024-election-a-27759
-
Black Basta Leader in League With Russian Officials, Chat Logs Show
Though the chat logs were leaked a month ago, analysts are now seeing that Russian officials may have assisted Black Basta members, according to the shared messages. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/black-basta-league-russian-officials-chat-logs
-
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/
-
Russia using criminal networks to drive increase in sabotage acts, says Europol
Proxies deploying tactics including migrant smuggling in destabilisation efforts across EU, enforcement agency finds. Russia and other state actors are driving an increase in politically motivated cyber-attacks and sabotage of infrastructure and public institutions in the EU, the bloc’s police enforcement agency has found. Europol’s 80-page serious and organised crime threat assessment for…
-
Microsoft isn’t fixing 8-year-old shortcut exploit abused for spying
‘Only’ a local access bug but important part of N Korea, Russia, and China attack picture First seen on theregister.com Jump to article: www.theregister.com/2025/03/18/microsoft_trend_flaw/
-
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad…
-
BlackBasta Ransomware Ties to Russian Authorities Uncovered
Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blackbasta-ransomwares-ties-russia/
-
>>My vas pokhoronim!<<
CISA, in collaboration with the FBI and NSA, identified and attributed multiple attacks to Russian entities, emphasizing the risks posed by state-backed Advanced Persistent Threats (APTs). First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/my-vas-pokhoronim/
-
Hackers are exploiting Fortinet firewall bugs to plant ransomware
Security researchers say that a threat actor they call Mora_001 has ‘close ties’ to the Russia-linked hacking group First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/17/hackers-are-exploiting-fortinet-firewall-bugs-to-plant-ransomware/
-
Telegram CEO confirms leaving France amid criminal probe
The Russian-born founder and owner of the messaging app Telegram said he returned to Dubai after spending several months in France due to a criminal investigation related to activity on the app. First seen on therecord.media Jump to article: therecord.media/telegram-pavel-durov-leaves-france-amid-probe
-
UK Cybersecurity Weekly News Roundup 16 March 2025
Tags: access, apple, attack, backdoor, backup, compliance, control, cyber, cyberattack, cybercrime, cybersecurity, data, encryption, finance, firewall, government, group, hacking, insurance, law, lockbit, malicious, network, office, privacy, ransomware, regulation, risk, russia, service, software, virus
Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Government’s Stance on Encryption Raises Global Concerns: The UK government has ordered Apple to provide backdoor access to iCloud users’ encrypted backups under the Investigatory Powers Act of 2016. This secret order…
-
AI development pipeline attacks expand CISOs’ software supply chain risk
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerability
development pipelines are exacerbating software supply chain security problems. Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL). A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package. Commercial software packages are also a…
-
New York Times Spoofed to Hide Russian Disinformation Campaign
Operation Doppelganger has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/new-york-times-spoofed-russian-disinformation-campaign
-
Major LockBit Ransomware Developer Extradited to U.S.
Recently, a dual Russian and Israeli national, Rostislav Panev, 51, has been extradited to the United States to First seen on securityonline.info Jump to article: securityonline.info/major-lockbit-ransomware-developer-extradited-to-u-s/
-
Head Mare and Twelve: Inside the Collaboration Targeting Russian Companies
In a series of attacks targeting Russian companies in September 2024, cybersecurity researchers uncovered evidence of collaboration between First seen on securityonline.info Jump to article: securityonline.info/head-mare-and-twelve-inside-the-collaboration-targeting-russian-companies/
-
Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court
Rostislav Panev, who was arrested in Israel in August 2024 on U.S. charges related to dozens of LockBit ransomware attacks, has been extradited and appeared in a New Jersey federal court, authorities said. First seen on therecord.media Jump to article: therecord.media/lockbit-alleged-russian-developer-extradited-us-israel
-
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been…
-
LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.
The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developers, Rostislav Panev (51), has been extradited to the United States. The dual Russian-Israeli national was arrested in Israel in 2024 and faces charges related…
-
Suspected LockBit Ransomware Developer Extradited to US
Feds Accuse Dual Russian-Israeli National of Serving as Key Member of Operation. An accused developer for Russian-speaking ransomware group LockBit, 51-year-old Rostislav Panev, appeared in a U.S. courtroom after being extradited from Israel. The dual Russian and Israeli citizen faces a 41-count superseding criminal indictment charging him with being a key member of the…
-
Suspected LockBit ransomware dev extradited to United States
A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the United States to face charges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-dev-extradited-to-united-states/
-
LockBit Ransomware Developer Extradited to US
Russian-Israeli LockBit ransomware developer Rostislav Panev has been extradited from Israel to the United States. The post LockBit Ransomware Developer Extradited to US appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lockbit-ransomware-developer-extradited-to-us/
-
SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks
Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. Between January and March, researchers at Forescout Research Vedere Labs observed a threat actor exploiting two Fortinet vulnerabilities to deploy the SuperBlack ransomware. The experts attribute the attacks to a threat actor named “Mora_001” which is using Russian-language artifacts and exhibiting […]…
-
The most notorious and damaging ransomware of all time
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windows
Conti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception. How it works: Conti uses the…
-
U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
The U.S. Department of Justice has charged Rostislav Panev, a dual Russian and Israeli national, for his role as a developer of the notorious LockBit ransomware group. Panev, 51, was arrested in Israel in August following a U.S. provisional arrest request, and he is currently awaiting extradition to the United States. This action marks a…
-
Ukraine loses Signal support for anti-Russian cyber threat efforts, says official
First seen on scworld.com Jump to article: www.scworld.com/brief/ukraine-loses-signal-support-for-anti-russian-cyber-threat-efforts-says-official
-
Groups From China, Russia, Iran Hitting OT Systems Worldwide
Threat Groups Are Mapping OT Networks for Future Targeting, Warns Dragos. A China-linked threat group called Voltzite is targeting operational technology systems at critical infrastructure organizations worldwide to steal network diagrams, OT operating instructions and information about geographic information systems, said cybersecurity firm Dragos. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/groups-from-china-russia-iran-hitting-ot-systems-worldwide-a-27722
-
Ukraine seeks to bolster offensive cyber capabilities amid rising threats from Russia
A senior Ukrainian national security figure said the country is working on strengthening its offensive cyber capacity and is encouraging its European partners to join these efforts. First seen on therecord.media Jump to article: therecord.media/ukraine-russia-cyber-offensive-bolster
-
Signal no longer cooperating with Ukraine on Russian cyberthreats, official says
The encrypted messaging app Signal has stopped responding to requests from Ukrainian law enforcement regarding Russian cyberthreats, a Ukrainian official claimed, warning that the shift is aiding Moscow’s intelligence efforts. First seen on therecord.media Jump to article: therecord.media/signal-no-longer-cooperating-with-ukraine
-
Garantex crypto exchange admin arrested while on vacation
Indian authorities arrested Aleksej Besciokov, the co-founder and one of the administrators of the Russian Garantex crypto-exchange while vacationing with his family in Varkala, India. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/garantex-crypto-exchange-admin-arrested-while-on-vacation/

