Tag: russia
-
Trump shifts cyberattack readiness to state and local governments in wake of info-sharing cuts
Tags: advisory, cio, cisa, ciso, communications, cyber, cyberattack, cybersecurity, election, government, group, infrastructure, intelligence, Internet, metric, office, resilience, risk, russia, strategy, technology, threat
Creating a national resilience strategy: The EO requires the assistant to the President for national security affairs (APNSA), in coordination with the assistant to the President for economic policy and the heads of relevant executive departments and agencies, to publish within 90 days (by June 17) a National Resilience Strategy that articulates the priorities, means,…
-
Zero-day broker Operation Zero offers up to $4 million for Telegram exploits
Russian zero-day broker Operation Zero is looking for exploits for the popular messaging app Telegram, offering up to $4 million for them. Operation Zero, a Russian zero-day broker, is offering up to $4 million for Telegram exploits; the news was first reported by TechCrunch. The Russian firm seeks up to $500K for one-click RCE,…
-
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests First seen…
-
Escalating Ukrainian hacktivist attacks target Russia
First seen on scworld.com Jump to article: www.scworld.com/brief/escalating-ukrainian-hacktivist-attacks-target-russia
-
Major web services go dark in Russia amid reported Cloudflare block
Website outages were observed across Russia this week, with regulators attributing them to issues with foreign servers. Observers said the problems might be tied to Russian government moves to block the Cloudflare service. First seen on therecord.media Jump to article: therecord.media/russia-websites-dark-reported-cloudflare-block
-
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane, likely targeting Russian-speaking users. “What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla,…
-
State-Backed Hackers Exploiting Windows Zero-Day Since 2017
At least 11 state-sponsored hacking groups from North Korea, Iran, Russia, and China have been actively exploiting a newly uncovered Windows zero-day vulnerability in cyber espionage and data theft attacks since 2017. Despite clear evidence of exploitation, Microsoft has declined… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/zdi-can-25373-zero-day-exploited-since-2017/
-
New Windows zero-day feared abused in widespread espionage for years
The zero-day vulnerability, tracked as ZDI-CAN-25373, has yet to be publicly acknowledged and assigned a CVE-ID by Microsoft. ZDI-CAN-25373 has to do with the way Windows displays the contents of .lnk files, a type of binary file used by Windows to act as a shortcut to a file, folder, or application, through the Windows UI. A…
-
China, Russia, North Korea Hackers Exploit Windows Security Flaw
Tags: attack, china, exploit, flaw, government, group, hacker, infrastructure, korea, microsoft, north-korea, russia, threat, update, windows
Almost a dozen state-sponsored threat groups from Russia, China, and North Korea have been exploiting a security flaw in Windows in attacks on governments and critical infrastructure that date back to 2017. According to Trend Micro’s VDI unit, Microsoft has no plans to patch the vulnerability. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/china-russia-north-korea-hackers-exploit-windows-security-flaw/
-
Low-Cost Drone Add-Ons From China Let Anyone With a Credit Card Turn Toys Into Weapons of War
Chinese ecommerce giants like Temu and AliExpress sell drone accessories like those used by soldiers in the Russia-Ukraine conflict. First seen on wired.com Jump to article: www.wired.com/story/drone-accessories-weapons-of-war/
-
Poisoned Windows shortcuts found to be a favorite of Chinese, Russian, N. Korean state hackers
The Zero Day Initiative measured the prevalence of manipulated Windows shortcut files in campaigns attributed to nation-state hacking groups, finding at least 11 exploited a bug that allows malicious use of the files. First seen on therecord.media Jump to article: therecord.media/windows-lnk-files-nation-state-hacking-campaigns
-
UK Official Says Russian Disinfo Blocked in 2024 Election
Doppelganger Unsuccessfully Attempted to Distort Election, UK Minister Said. A Russian government-directed foreign influence campaign unsuccessfully attempted to disrupt the 2024 U.K. elections, a British security minister told a parliamentary committee. The government identified disinformation networks linked to a Russian influence campaign widely tracked as Doppelganger. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-official-says-russian-disinfo-blocked-in-2024-election-a-27759
-
Black Basta Leader in League With Russian Officials, Chat Logs Show
Though the chat logs were leaked a month ago, analysts are now seeing that Russian officials may have assisted Black Basta members, according to the shared messages. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/black-basta-league-russian-officials-chat-logs
-
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/
-
Russia using criminal networks to drive increase in sabotage acts, says Europol
Proxies deploying tactics including migrant smuggling in destabilisation efforts across EU, enforcement agency finds. Russia and other state actors are driving an increase in politically motivated cyber-attacks and sabotage of infrastructure and public institutions in the EU, the bloc’s police enforcement agency has found. Europol’s 80-page serious and organised crime threat assessment for…
-
Microsoft isn’t fixing 8-year-old shortcut exploit abused for spying
‘Only’ a local access bug but important part of N Korea, Russia, and China attack picture First seen on theregister.com Jump to article: www.theregister.com/2025/03/18/microsoft_trend_flaw/
-
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad…
-
BlackBasta Ransomware Ties to Russian Authorities Uncovered
Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blackbasta-ransomwares-ties-russia/
-
>>My vas pokhoronim!<<
CISA, in collaboration with the FBI and NSA, identified and attributed multiple attacks to Russian entities, emphasizing the risks posed by state-backed Advanced Persistent Threats (APTs). First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/my-vas-pokhoronim/
-
Hackers are exploiting Fortinet firewall bugs to plant ransomware
Security researchers say that a threat actor they call Mora_001 has ‘close ties’ to the Russia-linked hacking group. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/17/hackers-are-exploiting-fortinet-firewall-bugs-to-plant-ransomware/
-
Telegram CEO confirms leaving France amid criminal probe
The Russian-born founder and owner of the messaging app Telegram said he returned to Dubai after spending several months in France due to a criminal investigation related to activity on the app. First seen on therecord.media Jump to article: therecord.media/telegram-pavel-durov-leaves-france-amid-probe
-
UK Cybersecurity Weekly News Roundup 16 March 2025
Tags: access, apple, attack, backdoor, backup, compliance, control, cyber, cyberattack, cybercrime, cybersecurity, data, encryption, finance, firewall, government, group, hacking, insurance, law, lockbit, malicious, network, office, privacy, ransomware, regulation, risk, russia, service, software, virus
Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Government’s Stance on Encryption Raises Global Concerns: The UK government has ordered Apple to provide backdoor access to iCloud users’ encrypted backups under the Investigatory Powers Act of 2016. This secret order…
-
AI development pipeline attacks expand CISOs’ software supply chain risk
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerability
development pipelines are exacerbating software supply chain security problems. Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL). A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package. Commercial software packages are also a…
-
New York Times Spoofed to Hide Russian Disinformation Campaign
Operation Doppelganger has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/new-york-times-spoofed-russian-disinformation-campaign
-
Major LockBit Ransomware Developer Extradited to U.S.
Recently, a dual Russian and Israeli national, Rostislav Panev, 51, has been extradited to the United States to First seen on securityonline.info Jump to article: securityonline.info/major-lockbit-ransomware-developer-extradited-to-u-s/
-
Head Mare and Twelve: Inside the Collaboration Targeting Russian Companies
In a series of attacks targeting Russian companies in September 2024, cybersecurity researchers uncovered evidence of collaboration between First seen on securityonline.info Jump to article: securityonline.info/head-mare-and-twelve-inside-the-collaboration-targeting-russian-companies/
-
Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court
Rostislav Panev, who was arrested in Israel in August 2024 on U.S. charges related to dozens of LockBit ransomware attacks, has been extradited and appeared in a New Jersey federal court, authorities said. First seen on therecord.media Jump to article: therecord.media/lockbit-alleged-russian-developer-extradited-us-israel
-
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been…
-
LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.
The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developers, Rostislav Panev (51), has been extradited to the United States. The dual Russian-Israeli national was arrested in Israel in 2024 and faces charges related…

