Tag: ukraine
-
Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor
Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) was spotted using the Amadey malware to deploy the KazuarV2 backdoor on devices in Ukraine. The experts observed threat actors using the Amadey bot malware between March and April 2024. Microsoft highlights…
-
Russia focuses cyber attacks on Ukraine rather than West despite rising tension
Computer Weekly talks to GCHQ’s National Cyber Security Centre operations director Paul Chichester and former NCSC chief executive Ciaran Martin on Russia, China and Salt Typhoon. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617232/Russia-focuses-cyber-attacks-on-Ukraine-rather-than-West-despite-rising-tension
-
Russia takes unusual route to hack Starlink-connected devices in Ukraine
Secret Blizzard has used the resources of at least 6 other groups in the past 7 years. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/12/russia-takes-unusual-route-to-hack-starlink-connected-devices-in-ukraine/
-
Russian cyber spies hide behind other hackers to target Ukraine
Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-cyber-spies-hide-behind-other-hackers-to-target-ukraine/
-
Ukrainian defense firms subjected to suspected Russian cyberespionage campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/ukrainian-defense-firms-subjected-to-suspected-russian-cyberespionage-campaign
-
CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 (aka UNC4221), which has been active since…
-
DDoS attack on a bank in Russia
Russian users report Gazprombank outages amid alleged Ukrainian cyberattack. First seen on therecord.media Jump to article: therecord.media/gazprombank-outages-russia-ukraine-claims-cyberattack
-
Ukraine says Russian hackers are targeting country’s defense contractors
Ukraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks. The CERT identified the hacking group as UAC-0185, also known as UNC4221, without saying who was behind the group. Earlier this year, however, […] First…
-
Suspected Russian hackers target Ukrainian defense enterprises in new espionage campaign
Ukraine’s military computer emergency response team said the group sent phishing emails disguised as invitations to a legitimate defense conference that took place in Kyiv last week. First seen on therecord.media Jump to article: therecord.media/suspected-russian-hackers-target-ukrainian-enterprises-espionage
-
Phishing Scam Targets Ukrainian Defense Companies
CERT-UA has issued a warning about phishing emails targeting Ukrainian defense companies and security forces. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phishing-scam-targets-ukrainian/
-
BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure
The Insikt Group has uncovered a sophisticated cyber-espionage operation conducted by BlueAlpha, a state-sponsored threat actor with links to the Russian Federal Security Service (FSB). The campaign targets Ukrainian entities... First seen on securityonline.info Jump to article: securityonline.info/bluealpha-exploits-cloudflare-tunnels-for-gammadrop-malware-infrastructure/
-
Russia’s FSB used spyware against a Russian programmer
Russia’s FSB used spyware against a Russian programmer after detaining him for allegedly donating to Ukraine earlier this year. The Federal Security Service (FSB) used spyware to monitor a Russian programmer, Kirill Parubets, after he was detained earlier this year for allegedly donating to Ukraine. Researchers from the First Department and the Citizen Lab discovered that the…
-
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of Toronto’s Citizen Lab. “The spyware placed on his device allows the…
-
Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware
BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using spearphishing emails with malicious HTML attachments to deliver GammaLoad malware. To evade detection, BlueAlpha is leveraging Cloudflare Tunnels to conceal their infrastructure and using DNS fast-fluxing for their C2 servers, as this ongoing campaign, active since early 2024, highlights the persistent…
-
Russian users report Gazprombank outages amid alleged Ukrainian cyberattack
First seen on therecord.media Jump to article: therecord.media/gazprombank-outages-russia-ukraine-claims-cyberattack
-
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group said…
-
Russian Forces Accused of Secretly Planting Spyware on Phone
Russian Activist for Ukraine Claims Spyware Was Installed While in Custody by FSB. A Russian activist says security forces covertly installed spyware on his cellphone while he was detained in Moscow for aiding Ukraine. A report published Thursday shows the spyware received a broad range of permissions, from tracking location to reading encrypted messages. First…
-
Working in critical infrastructure? Boost your effectiveness with these cybersecurity certifications
Tags: attack, automation, awareness, china, cisa, communications, compliance, control, cyber, cybersecurity, defense, finance, germany, governance, government, healthcare, HIPAA, incident response, infrastructure, international, jobs, network, PCI, privacy, ransomware, resilience, risk, risk-management, russia, sans, service, skills, soc, supply-chain, technology, training, ukraine, update, warfare
Hybrid warfare between nation-states is imperilling critical infrastructure around the world, both physically and electronically. Since the start of the Ukraine-Russia conflict, hybrid cyber/physical attacks on satellite and communications, energy, transportation, water, and other critical sectors have spread across Europe and beyond. Chinese perpetrators are actively infiltrating telecommunications networks in the US and abroad, according to…
-
Cyberespionage the Gamaredon way: The tools used to spy on Ukraine in 2022 and 2023
ESET Research has carried out a comprehensive technical analysis of how and with which toolset Gamaredon's cyberespionage activities in Ukrain… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/cyberspionage-auf-die-gamaredon-art-mit-diesen-tools-wurde-die-ukraine-in-2022-und-2023-ausgespaeht/
-
Cyberattack on a data center in Ukraine
First seen on facebook.com Jump to article: www.facebook.com/ParkovyiDC/posts/pfbid0QjzoyheauENWd19MBZZT9fT82GGn4EciiNDG55GQDEiA96SireRqaG87BWQRHiSPl
-
DDoS attack on the military agency for prisoners of war in Ukraine
First seen on therecord.media Jump to article: therecord.media/ukraine-pow-agency-cyberattack-russia
-
Cyberattack on a state-owned company in Ukraine
First seen on reuters.com Jump to article: www.reuters.com/technology/cybersecurity/ukraine-says-2000-computers-state-firm-were-impacted-cyber-attack-2024-02-01/
-
Cyberattack on the parliament of Ukraine
First seen on kyivindependent.com Jump to article: kyivindependent.com/parliaments-website-reportedly-hit-by-cyberattack/
-
Cyberattacks on critical infrastructure in Ukraine
First seen on cert.gov.ua Jump to article: cert.gov.ua/article/6278706
-
Cyberattack on a media company in Ukraine
First seen on reuters.com Jump to article: www.reuters.com/world/europe/ukraines-11-media-group-reports-cyberattack-satellite-tv-channels-2024-04-17/
-
CFC Response to Russia / Ukraine Tensions and Potential Cyber-Attacks in Retaliation to Western Sanctions
As the current situation continues to evolve, the Kudelski Security Cyber Fusion Center is continuously adapting our response to events, intelligence, … First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2022/04/04/cfc-response-to-russia-ukraine-tensions-and-potential-cyber-attacks-in-retaliation-to-western-sanctions/
-
‘Operation Undercut’ Adds to Russia Malign Influence Campaigns
Just like Russia’s Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/operation-undercut-russia-malign-influence-campaigns

