Tag: ukraine
-
Breach Roundup: UPenn Hit by Email Breach
Also, Australian Police Arrest 55 in New Round of Anom App Sting. This week: UPenn hit by email breach, Australian police arrested 55, ‘SesameOp’ backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo, Ukrainian national extradited to United States for role in Conti ransomware and a supply chain risk in advanced installer…
-
Breach Roundup: UPenn Hit by Email Breach
Also, Australian Police Arrest 55 in New Round of Anom App Sting. This week: UPenn hit by email breach, Australian police arrested 55, ‘SesameOp’ backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo, Ukrainian national extradited to United States for role in Conti ransomware and a supply chain risk in advanced installer…
-
Russia’s Destructive Wiper Attacks on Ukraine Rise Again
Nation-State Teams Tied to Grain Sector Targeting, Plus More Joined-Up Operations. Russia’s nation-state hacking groups have returned to pummeling Ukrainian targets with destructive, wiper malware, including in apparent attempts to disrupt its economically valuable grain sector, alongside the repeat targeting of allied European nations, researchers report. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russias-destructive-wiper-attacks-on-ukraine-rise-again-a-29945
-
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities.The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense, describing it as Russia-aligned.”InedibleOchotense sent spear-phishing emails and Signal text messages, containing a link First seen on thehackernews.com…
-
Russia’s Sandworm hackers deploying wipers against Ukraine’s grain industry
The Russian state-backed hacking unit Sandworm has been targeting Ukraine’s grain industry with wiper malware amid Moscow’s ongoing efforts to undermine Kyiv’s wartime economy. First seen on therecord.media Jump to article: therecord.media/russia-sandworm-grain-wipers
-
Russia’s Sandworm hackers deploying wipers against Ukraine’s grain industry
The Russian state-backed hacking unit Sandworm has been targeting Ukraine’s grain industry with wiper malware amid Moscow’s ongoing efforts to undermine Kyiv’s wartime economy. First seen on therecord.media Jump to article: therecord.media/russia-sandworm-grain-wipers
-
Russia’s Sandworm hackers deploying wipers against Ukraine’s grain industry
The Russian state-backed hacking unit Sandworm has been targeting Ukraine’s grain industry with wiper malware amid Moscow’s ongoing efforts to undermine Kyiv’s wartime economy. First seen on therecord.media Jump to article: therecord.media/russia-sandworm-grain-wipers
-
Sandworm hackers use data wipers to disrupt Ukraine’s grain sector
Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine’s education, government, and the grain sector, the country’s main revenue source. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sandworm-hackers-use-data-wipers-to-disrupt-ukraines-grain-sector/
-
Sandworm hackers use data wipers to disrupt Ukraine’s grain sector
Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine’s education, government, and the grain sector, the country’s main revenue source. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sandworm-hackers-use-data-wipers-to-disrupt-ukraines-grain-sector/
-
Jabber Zeus developer ‘MrICQ’ extradited to US from Italy
Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, an alleged Jabber Zeus developer, was arrested in Italy, lost his extradition appeal, and has been sent to the US to face cybercrime charges. After a…
-
Conti Suspect in Court After Extradition From Ireland
Ukrainian national Oleksii Oleksiyovych Lytvynenko has appeared in a US court in connection with Conti ransomware charges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/conti-suspect-court-extradition/
-
Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his transfer from Irish custody, where he had been held since his arrest in July 2023.…
-
Ukrainian extradited to US over Conti ransomware involvement
Ukrainian Oleksii Lytvynenko extradited from Ireland to US for alleged role in Conti ransomware after fleeing Ukraine in 2022. Ukrainian national Oleksii Lytvynenko (43) extradited from Ireland to the US, faces charges for alleged involvement in Conti ransomware attacks after fleeing Ukraine in 2022. The man appeared in a US court and was charged with…
-
Chinese hackers target Western diplomats using hardpatch Windows shortcut flaw
Tags: access, attack, china, control, cyber, endpoint, exploit, flaw, group, hacker, intelligence, mitigation, monitoring, rat, russia, threat, ukraine, update, vulnerability, windowsMitigation: In the absence of a patch, organizations worried about .LNK attacks should consider blocking .LNK files or disabling their execution in Windows Explorer, Arctic Wolf advised.”This should be put in place across all Windows systems, prioritizing endpoints used by personnel with access to sensitive diplomatic or policy information. While this vulnerability was disclosed in…
-
Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail
Oleksii Lytvynenko, 43, was arrested in Ireland in 2023 and extradited to the U.S. earlier this month. He pleaded not guilty in federal court Thursday. First seen on cyberscoop.com Jump to article: cyberscoop.com/ukrainian-oleksii-lytvynenko-conti-ransomware-extradited/
-
Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail
Oleksii Lytvynenko, 43, was arrested in Ireland in 2023 and extradited to the U.S. earlier this month. He pleaded not guilty in federal court Thursday. First seen on cyberscoop.com Jump to article: cyberscoop.com/ukrainian-oleksii-lytvynenko-conti-ransomware-extradited/
-
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
Ukrainian national Oleksii Oleksiyovych Lytvynenko faces charges in the U.S. related to his alleged involvement with the Conti cybercrime operation, which attacked hundreds of organizations globally before disbanding in 2022. First seen on therecord.media Jump to article: therecord.media/alleged-conti-ransomware-affiliate-extradited-ireland-tennessee
-
Ukrainian Conti Ransomware Suspect Extradited to US from Ireland
Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments. First seen on hackread.com Jump to article: hackread.com/ukraine-conti-ransomware-extradite-us-ireland/
-
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
Ukrainian national Oleksii Oleksiyovych Lytvynenko faces charges in the U.S. related to his alleged involvement with the Conti cybercrime operation, which attacked hundreds of organizations globally before disbanding in 2022. First seen on therecord.media Jump to article: therecord.media/alleged-conti-ransomware-affiliate-extradited-ireland-tennessee
-
Ukrainian Conti Ransomware Suspect Extradited to US from Ireland
Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments. First seen on hackread.com Jump to article: hackread.com/ukraine-conti-ransomware-extradite-us-ireland/
-
Ukrainian extradited from Ireland on Conti ransomware charges
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukrainian-extradited-from-ireland-on-conti-ransomware-charges/
-
Ukrainian extradited from Ireland on Conti ransomware charges
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukrainian-extradited-from-ireland-on-conti-ransomware-charges/
-
Russian APTs Exploit LotL Techniques in Ukraine Cyber Attacks, Deploying Sandworm-Linked Webshell and Credential Dumping
The post Russian APTs Exploit LotL Techniques in Ukraine Cyber Attacks, Deploying Sandworm-Linked Webshell and Credential Dumping appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/russian-apts-exploit-lotl-techniques-in-ukraine-cyber-attacks-deploying-sandworm-linked-webshell-and-credential-dumping/
-
Russian-Linked Cyberattacks Continue to Target Ukrainian Organizations
Sandworm targets Ukrainian networks using stealthy, low-malware attacks that exploit legitimate Windows tools to evade detection. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/russian-linked-cyberattacks-continue-to-target-ukrainian-organizations/
-
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors, likely linked to the APT Sandworm, targeted Ukrainian organizations to steal sensitive data and maintain long-term network access, Symantec Threat Hunter Team and Carbon Black report.…
-
Russian Hackers Target Government with Stealthy “Livingthe-Land” Tactics
Russian-linked attackers have intensified their targeting of Ukrainian organizations through sophisticated intrusions that rely heavily on legitimate Windows tools rather than malware. The attackers demonstrated remarkable restraint in their malware deployment, instead leveraging living-off-the-land tactics and dual-use tools to evade detection while accomplishing their objectives. A recent investigation by our Threat Hunter Team revealed two…
-
Russian Hackers Target Government with Stealthy “Livingthe-Land” Tactics
Russian-linked attackers have intensified their targeting of Ukrainian organizations through sophisticated intrusions that rely heavily on legitimate Windows tools rather than malware. The attackers demonstrated remarkable restraint in their malware deployment, instead leveraging living-off-the-land tactics and dual-use tools to evade detection while accomplishing their objectives. A recent investigation by our Threat Hunter Team revealed two…
-
Russian Hackers Target Ukrainian Organizations Using Stealthy Livingthe-Land Tactics
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks.The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government entity…
-
Russian Hackers Target Ukrainian Organizations Using Stealthy Livingthe-Land Tactics
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks.The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government entity…
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land