Tag: ukraine
-
Russian Hackers Target Signal Messenger Users to Steal Sensitive Data
Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept sensitive communications from military personnel, politicians, journalists, and activists. The attackers are exploiting Signal’s >>linked…
-
Russian state hackers spy on Ukrainian military through Signal app
Russian state-backed hackers are increasingly targeting Signal messenger accounts, including those used by Ukrainian military personnel and government officials, in an effort to access sensitive information that could aid Moscow’s war effort, researchers warn. First seen on therecord.media Jump to article: therecord.media/russian-state-hackers-spy-on-ukraine-military-signal
-
A Signal Update Fends Off a Phishing Technique Used in Russian Espionage
Google warns that hackers tied to Russia are tricking Ukrainian soldiers with fake QR codes for Signal group invites that let spies steal their messages. Signal has pushed out new safeguards. First seen on wired.com Jump to article: www.wired.com/story/russia-signal-qr-code-phishing-attack/
-
Russian State Hackers Target Signal to Spy on Ukrainians
Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-hackers-signal-spy/
-
Sorglosigkeit beenden und massiv in Cybersicherheit investieren
Wie wir uns vor digitalen Bedrohungen aus dem Cyberraum besser schützen können. Durch die zunehmende Digitalisierung und Vernetzung gewinnt Cybersicherheit immer mehr an Bedeutung. Gleichzeitig nehmen die Risiken durch Cyberangriffe dramatisch zu. Insbesondere der Krieg Russlands gegen die Ukraine hat die Lage in den vergangen drei Jahren wesentlich verschärft. Auf der 11. Munich Cyber… First…
-
Is Russia Reining In Ransomware-Wielding Criminals?
Flurry of Arrests a Potential Prelude to Russia-Ukraine Peace Negotiations Even before Donald Trump took office on Jan. 20, there were signs that Russian President Vladimir Putin ordered cybercriminals operating inside his country’s borders to be reined in, potentially as a bargaining chip in negotiations over Russia’s stalemated war of conquest against Ukraine. First seen…
-
Is Russia Reining-In Ransomware-Wielding Criminals?
Flurry of Arrests a Potential Prelude to Russia-Ukraine Peace Negotiations Even before Donald Trump took office on Jan. 20, there were signs that Russian President Vladimir Putin ordered cybercriminals operating inside his country’s borders to be reined in, potentially as a bargaining chip in negotiations over Russia’s stalemated war of conquest against Ukraine. First seen…
-
Nico Lange: ‘Cybersicherheit ist eine Frage der Verteidigung”
Tags: ai, china, conference, cyberattack, cybercrime, cyersecurity, germany, governance, government, infrastructure, iran, north-korea, risk, ukraine, usaMunich Security Conference Live Studio powered by APCO in Munich, Germany on February 15, 2025. (Photo by Christopher Pike / christopherpike.com) APCO.Welches sind laut dem Münchner Sicherheitsindex die größten Risiken für Europa im Jahr 2025?Nun, ich denke, das größte Risiko besteht in der sogenannten Multipolarisierung. Europa wird Schwierigkeiten haben, sein Geschäftsmodell fortzuführen, das auf den…
-
Zelensky calls to build ‘army of Europe’ to counter future Russian threats
Ukraine’s president said the European Union needs to be self-reliant to counter threats from Russia amid ongoing tensions with the Trump administration. First seen on therecord.media Jump to article: therecord.media/zelensky-calls-for-army-of-europe-to-counter-russia
-
Failed Ukraine would weaken both US and Europe, says EU chief von der Leyen
European Commission President Ursula von der Leyen made clear at the Munich Security Conference on Friday that a lasting peace in Ukraine is not just in the European Union’s interest, but in the interest of the U.S. as well. First seen on therecord.media Jump to article: therecord.media/failed-ukraine-would-weaken-us-and-europe-von-der-leyen
-
Münchner Cybersicherheits-Konferenz: Die Ukraine umwirbt Europa
Russische Cyber-Angriffe zwingen der Ukraine eine extreme Reaktionsdynamik auf: “Was hier nicht funktioniert, ist vielleicht nicht wettbewerbsfähig.” First seen on heise.de Jump to article: www.heise.de/news/Cybersicherheit-in-Kriegszeiten-Taeglich-ist-Tag-Null-10283051.html
-
Ukraine warns of growing AI use in Russian cyber-espionage operations
Russia is using artificial intelligence to boost its cyber-espionage operations, Ihor Malchenyuk of Ukraine’s State Service of Special Communications and Information Protection (SSCIP), said at the Munich Cyber Security Conference. First seen on therecord.media Jump to article: therecord.media/russia-ukraine-cyber-espionage-artificial-intelligence
-
Ukraine struggles to counter Russian disinfo without US support, local cyber official says
“This is a very serious issue for Ukraine,” Ukrainian security official Natalia Tkachuk said about the Trump administration’s freeze on U.S. foreign aid, including cyber and counter-disinformation programs started after the Russian invasion. First seen on therecord.media Jump to article: therecord.media/ukraine-russia-disinformation-us-foreign-aid
-
The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets
Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies. Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies. That was especially notable during active periods of local conflicts, including the escalation of the Russia-Ukraine war and the Israel-Hamas confrontation. The trend of malicious targeting…
-
Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website
A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot. This multi-year initiative has targeted critical infrastructure worldwide, expanding the group’s reach beyond its traditional focus on Ukraine and Eastern Europe to include North America, Europe, and Asia-Pacific regions. Exploiting Vulnerabilities…
-
Russian hacking group targets critical infrastructure in the US, the UK, and Canada
Tags: access, attack, blizzard, computer, control, cyber, cyberattack, cybersecurity, data, espionage, exploit, fortinet, group, hacker, hacking, infrastructure, intelligence, international, microsoft, military, network, ransomware, russia, software, strategy, supply-chain, threat, tool, ukraine, update, vulnerability, zero-trustWeaponizing IT software against global enterprises: Since early 2024, the hackers have exploited vulnerabilities in widely used IT management tools, including ConnectWise ScreenConnect (CVE-2024-1709) and Fortinet FortiClient EMS (CVE-2023-48788). By compromising these critical enterprise systems, the group has gained undetected access to networks, Microsoft warned.”Seashell Blizzard’s specialized operations have ranged from espionage to information operations…
-
Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems
In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows systems. This operation, active since late 2023, employs trojanized KMS activators and fake Windows updates to deploy malware, including the…
-
Subgroup of Russia’s Sandworm compromising US and European organizations, Microsoft says
The BadPilot hackers have expanded their focus beyond Ukraine and Eastern Europe, gaining initial access to dozens of strategically important organizations across the U.S. and U.K. First seen on therecord.media Jump to article: therecord.media/sandworm-subgroup-russia-europe
-
Sandworm APT Hackers Weaponize Microsoft KMS Activation Tools To Compromise Windows
In a sophisticated cyber-espionage operation, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows users. The campaign, which began in late 2023, leverages trojanized KMS activators and fake Windows updates to deploy malware, including…
-
Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign
The notorious Sandworm APT (APT44), a Russian-state-sponsored threat actor affiliated with the GRU (Russia’s Main Intelligence Directorate), has First seen on securityonline.info Jump to article: securityonline.info/sandworm-apt-exploits-trojanized-kms-tools-to-target-ukrainian-users-in-cyber-espionage-campaign/
-
U.S. adversaries increasingly turning to cybercriminals and their malware for help
A Google Threat Intelligence Group report notes that Russia in particular has been doing this since the Ukraine war began. First seen on cyberscoop.com Jump to article: cyberscoop.com/u-s-adversaries-increasingly-turning-to-cybercriminals-and-their-malware-for-help/
-
Russian military hackers deploy malicious Windows activators in Ukraine
The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-military-hackers-deploy-malicious-windows-activators-in-ukraine/
-
Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps
Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps and forums, offering quick pay, Ukraine’s law enforcement warns. According to Ukraine’s law enforcement, Russian intelligence is using messaging apps and forums to recruit Ukrainians for terrorist attacks, offering quick pay. Ukrainian authorities have recently seen a rise in terrorist attacks on police, military centers,…
-
Russia uses messaging apps to recruit terrorists, Ukraine’s police says
Russian intelligence services are using messaging apps and online forums to recruit Ukrainian citizens for terrorist attacks, promising quick payoffs, according to Ukraine’s law enforcement. First seen on therecord.media Jump to article: therecord.media/russia-uses-messaging-apps-to-recruit-terrorists
-
Ukraine’s largest bank PrivatBank Targeted with SmokeLoader malware
UAC-0006, a financially motivated threat actor, targets PrivatBank customers with advanced phishing attacks. CloudSEK’s research reveals malicious emails… First seen on hackread.com Jump to article: hackread.com/ukraine-largest-bank-privatbank-smokeloader-malware/
-
7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine
Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/7-zip-0-day-was-exploited-in-russias-ongoing-invasion-of-ukraine/
-
Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine
Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/russian-hackers-exploited-7-zip-zero-day-against-ukraine/
-
Russian SmokeLoader Campaign in Ukraine Uses 7-Zip Zero-Day
Tags: credentials, cybercrime, espionage, government, hacker, open-source, russia, ukraine, vulnerability, zero-dayEspionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass Hits. Russian hackers targeting Ukrainian government agencies and businesses – including a major automotive manufacturer – have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware. First seen on govinfosecurity.com Jump to article:…
-
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/7-zip-motw-bypass-exploited-in-zero-day-attacks-against-ukraine/