Tag: russia
-
Russian APT >>Secret Blizzard<< Leverages Cybercriminal Tools in Ukraine Attacks
A new report from Microsoft Threat Intelligence reveals that the Russian state-sponsored threat actor known as Secret Blizzard (also tracked as Turla, Waterbug, Venomous Bear, Snake, Turla Team, and Turla... First seen on securityonline.info Jump to article: securityonline.info/russian-apt-secret-blizzard-leverages-cybercriminal-tools-in-ukraine-attacks/
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
Russia blocks Viber in latest attempt to censor communications
Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country’s legislation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russia-blocks-viber-in-latest-attempt-to-censor-communications/
-
Ukraine uncovers Russian spy network recruiting teens for espionage
The suspected spies were allegedly photographing Ukrainian air defense facilities when they were arrested.]]> First seen on therecord.media Jump to article: therecord.media/ukraine-sbu-espionage-campaign-russia
-
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-gamaredon-cyberspies-target-android-users-with-new-spyware/
-
Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers
Kadokawa, known for manga, anime and video games, appears to have made an extortion payment to cybercriminals, according to Kyodo News.]]> First seen on therecord.media Jump to article: therecord.media/kadokawa-japan-reported-ransomware-payment
-
Experts discovered the first mobile malware families linked to Russia’s Gamaredon
The Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, and ACTINIUM). These are the first known mobile malware families linked to the Russian APT. The cyberespionage group is behind a…
-
Gamaredon APT Deploys Two Russian Android Spyware Families: BoneSpy and PlainGnome
Researchers at the Lookout Threat Lab have uncovered two sophisticated Android spyware families, BoneSpy and PlainGnome, attributed to the Russian-aligned Advanced Persistent Threat (APT) group Gamaredon. Also known as Primitive... First seen on securityonline.info Jump to article: securityonline.info/gamaredon-apt-deploys-two-russian-android-spyware-families-bonespy-and-plaingnome/
-
Crypto Roundup: Crypto Pros Targeted with Fake Meeting Apps
Also, Australian Fines Kraken AU$8 million Over Breaches. This week, scammers targeted crypto workers with fake meeting apps, Australia fined Kraken crypto exchange operator Bit Trade and a Los Angeles federal court ordered five individuals to pay $5 million. Polish police detained a Russian former exchange operator and FTX debtors clawed back more cash. First…
-
Russia Used Borrowed Spyware to Target Ukrainian Troops
Secret Blizzard Used Third-party Amadey Bots to Hack Ukrainian Military Devices. A Russian state-backed hacker group used third-party data-stealing bots and possibly a backdoor used by another Russia-based threat group to infiltrate and spy on devices used by frontline Ukrainian military units, according to a report from the Microsoft threat intelligence team. First seen on…
-
Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns.”BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims,” Lookout said in an analysis. “Both…
-
For Russian spies, existing cybercrime tools become avenues into Ukrainian military devices
A Kremlin-backed group tracked as Secret Blizzard or Turla recently used existing cybercrime infrastructure for an espionage campaign aimed at Ukrainian military devices.]]> First seen on therecord.media Jump to article: therecord.media/turla-secret-blizzard-russia-espionage-ukraine-cybercrime-tools
-
Lookout Discovers New Spyware Deployed by Russia and China
Russian-made spyware BoneSpy and PlainGnome target former Soviet states, while public security bureaus in mainland China use Chinese surveillance tool EagleMsgSpy First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lookout-new-spyware-russia-china/
-
Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor
Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) was spotted using the Amadey malware to deploy the KazuarV2 backdoor on devices in Ukraine. The experts observed threat actors using the Amadey bot malware between March and April 2024. Microsoft highlights…
-
Russia focuses cyber attacks on Ukraine rather than West despite rising tension
Computer Weekly talks to GCHQ’s National Cyber Security Centre operations director Paul Chichester and former NCSC chief executive Ciaran Martin on Russia, China and Salt Typhoon First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617232/Russia-focuses-cyber-attacks-on-Ukraine-rather-than-West-despite-rising-tension
-
Russia takes unusual route to hack Starlink-connected devices in Ukraine
Secret Blizzard has used the resources of at least 6 other groups in the past 7 years. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/12/russia-takes-unusual-route-to-hack-starlink-connected-devices-in-ukraine/
-
Russian cyber spies hide behind other hackers to target Ukraine
Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-cyber-spies-hide-behind-other-hackers-to-target-ukraine/
-
Ukrainian defense firms subjected to suspected Russian cyberespionage campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/ukrainian-defense-firms-subjected-to-suspected-russian-cyberespionage-campaign
-
Romanian energy supplier Electrica hit by ransomware
Tags: attack, ceo, cyberattack, cybersecurity, election, group, hacker, identity, infrastructure, ransomware, russiaFirst, the Romanian presidential election was annulled after being targeted with cyberattacks from foreign state-sponsored actors and a suspected Russian-controlled massive TikTok influence campaign. Now the Electrica Group, a major electricity provider with 3.8 million customers in Romania, has fallen victim to a ransomware attack.The company told investors on Dec. 9 that it is working with national cybersecurity authorities…
-
Kremlin doubled its blocking of independent media sites this year, researchers say
The Open Observatory of Network Interference (OONI) confirmed the blocking of at least 279 foreign and local independent news media domains in Russia this year, doubling the number of organizations identified in a previous report.]]> First seen on therecord.media Jump to article: therecord.media/russia-doubles-blocking-access-independent-media-sites
-
CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces.The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 (aka UNC4221), which has been active since…
-
DDoS-Angriff auf eine Bank in Russland
Russian users report Gazprombank outages amid alleged Ukrainian cyberattack First seen on therecord.media Jump to article: therecord.media/gazprombank-outages-russia-ukraine-claims-cyberattack
-
Russian hacktivists target oil, gas and water sectors worldwide
Tags: russiaFirst seen on scworld.com Jump to article: www.scworld.com/news/russian-hacktivist-groups-target-oil-and-gas-and-water-sectors-worldwide
-
Russia disrupts internet access in multiple regions to test ‘sovereign internet’
During the outages, users couldn’t access some foreign and local apps and websites, including YouTube, Google, messaging apps like WhatsApp and Telegram, and some services of Russian internet giant Yandex.]]> First seen on therecord.media Jump to article: therecord.media/russia-disrupts-internet-access-in-multiple-regions-runet
-
Ukraine says Russian hackers are targeting country’s defense contractors
Ukraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks. The CERT identified the hacking group as UAC-0185, also known as UNC4221, without saying who was behind the group. Earlier this year, however, […] First…
-
Suspected Russian hackers target Ukrainian defense enterprises in new espionage campaign
Ukraine’s military computer emergency response team said the group sent phishing emails disguised as invitations to a legitimate defense conference that took place in Kyiv last week.]]> First seen on therecord.media Jump to article: therecord.media/suspected-russian-hackers-target-ukrainian-enterprises-espionage
-
Key electricity distributor in Romania warns of ‘cyber attack in progress’
Electrica Group said it has taken “protective measures” after detecting a cyberattack days after the country annulled its presidential election over accusations of Russian meddling. First seen on therecord.media Jump to article: therecord.media/electric-distributor-cyberattack-romania
-
9th December Threat Intelligence Report
Romania’s Constitutional Court annulled the first round of its presidential election after declassified intelligence revealed Russian interference favoring right wing candidate Călin Georgescu. The interference involved a sophisticated social media campaign on […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/9th-december-threat-intelligence-report/