Tag: ukraine

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
News

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

Sandworm, a notorious Russian hacker, targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. According to Google's Mandiant, the hack was a "multi-event cyber attack" that used a novel technique to impact industrial control systems (ICS). The actor "first used OT-level living-off-the-land (LotL) techniques to likely trip the victim's substation circuit breakers, resulting in an unplanned power outage that coincided with mass missile strikes on critical infrastructure across Ukraine," according to the company. Sandworm then carried out a second disruptive event in the victim's IT environment by deploying read more Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes. Get up to date on the latest cybersecurity ...
Russia’s Turla hackers target Ukraine’s defense with spyware
News

Russia’s Turla hackers target Ukraine’s defense with spyware

According to recent findings from the nation's computer emergency response team (CERT-UA), the Russian hacking outfit Turla is targeting Ukrainian defense personnel with surveillance software. Turla, a cyberespionage organization also known as Waterbug and Venomous Bear, has strong ties to the FSB, the Russian intelligence service. The gang has been connected to a number of well-known cyberattacks, including those in 2014 against the Ukrainian Parliament and the German Bundestag. In a report released on Wednesday, CERT-UA claimed to have seen a gang using the spyware programs Capibar and Kazuar to attack Ukrainian defense personnel read more Russia’s Turla hackers target Ukraine’s defense with spyware. Stay informed with the best cybersecurity news and raise your cybersecurity aw...
PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland
News

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Campaigns aimed at stealing private information and gaining enduring remote access to infected computers have targeted governmental agencies, military organizations, and civilian users in Ukraine and Poland. The incursion set, which spans the months between April 2022 and July 2023, uses phishing lures and fake documents to launch PicassoLoader, a downloader virus that serves as a conduit for Cobalt Strike Beacon and njRAT. According to a recent analysis by Cisco Talos researcher Vanja Svajcer, "the attacks used a multistage infection chain initiated with malicious Microsoft Office documents, most frequently using Microsoft Excel and PowerPoint file formats." This was followed by an executable downloader and payload that was hidden inside an image file read more PicassoLoader Malwar...
Russia sends in cyber attack dogs as NATO summit looms
News

Russia sends in cyber attack dogs as NATO summit looms

The threat organization NoName has taken down multiple websites related to travel and tourism in the Lithuanian capital, signaling that Russia's cyber partisans are becoming more enthusiastic about the Kremlin's directive to scuttle the impending NATO summit in Vilnius. Just before going to print, Cybernews investigated the GoVilnius tourism promotion website, and it appears that the portal is currently unavailable. It also appears that the stops.lt website, which lets users organize trips around the capital of Lithuania, has been impacted. However, it appears that the Trafi app, which enables users to reserve and activate bus tickets for trips within the capital city of Lithuania read more Russia sends in cyber attack dogs as NATO summit looms. Stay informed with the best cybers...
RomCom RAT Targeting NATO and Ukraine Support Groups
News

RomCom RAT Targeting NATO and Ukraine Support Groups

Threat actors believed to be behind the RomCom RAT are accused of conducting phishing operations against an organization known to promote Ukraine overseas as well as the next NATO Summit in Vilnius. The BlackBerry Threat Research and Intelligence team made these discoveries after discovering two malicious documents that were sent on July 4, 2023, from an IP address in Hungary. Recently, it was discovered that RomCom, also known as Tropical Scorpius, UNC2596, and Void Rabisu, was launching cyberattacks against Ukrainian politicians who are closely collaborating with Western nations and a U.S. read more RomCom RAT Targeting NATO and Ukraine Support Groups. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cybersecuri...
APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails
News

APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails

Various government entities in the nation have been the target of cyberattacks by Russian nation-state hackers, according to the Computer Emergency Response Team of Ukraine (CERT-UA). APT28, also known as Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, Sednit, and Sofacy, was blamed by the agency for the phishing effort. The emails have "Windows Update" as their subject line and claim to offer instructions in Ukrainian for running a PowerShell operation under the guise of security updates read more APT28 Targets Ukrainian Government Entities with Fake Windows Update Emails. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.
Russian hackers target security cameras inside Ukraine coffee shops
News

Russian hackers target security cameras inside Ukraine coffee shops

A top US security officer revealed on Tuesday that Russian hackers had gained access to private security cameras in Ukrainian coffee shops to gather information on relief convoys going by. The Russian government and government-backed hackers continue to attack Ukrainian information technology infrastructure as part of their invasion of the nation, according to Rob Joyce, director of cybersecurity at the National Security Agency. He said one area of concentration is closed-circuit TV cameras used by public and private organizations to monitor their surroundings read more Russian hackers target security cameras inside Ukraine coffee shops. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurit...
Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks
Resources, Risk, Security

Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks

For the first time since December 2022, the Remcos Trojan is back on Check Point Software's top ten list of the most desired malware (in position 8). The most recent report, which the business released earlier today, claims that threat actors utilized Remcos extensively in February to conduct phishing operations against Ukrainian government agencies. The research report makes clear that, generally, there were 44% fewer weekly attacks on Ukraine between October 2022 and February 2023 read more Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
US Treasury sanctions Russian cyber and influence entities
Risk, Security

US Treasury sanctions Russian cyber and influence entities

The US Treasury has been imposing sanctions on Russian corporations and individuals on a regular basis. Yet, it has sanctioned cyber-adjacent companies for the first time since Russia's invasion of Ukraine. The US sanctioned 22 individuals and 83 businesses in Russia, as well as 30 persons and companies in third-party nations who assisted Moscow in evading earlier US sanctions. Since 2014, when the Kremlin staged the annexation of Crimea and launched the Donbas war, America has imposed sanctions on Russian organizations and officials read more US Treasury sanctions Russian cyber and influence entities. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
CISA Calls For Increased Vigilance One Year After Ukraine’s Russian Invasion
Risk, Security

CISA Calls For Increased Vigilance One Year After Ukraine’s Russian Invasion

Nations' defense forces were forewarned yesterday against disruptive and defacement attacks by the US Cybersecurity and Infrastructure Security Agency (CISA). This, the agency suggested on Thursday, might result from efforts to cause social unrest and disorder on the anniversary of Russia's invasion of Ukraine in 2022. According to the blog post, "CISA maintains public cybersecurity services, including Shields Up, in response to the increased geopolitical tensions caused by Russia's full-scale invasion of Ukraine." Moving forward, the sector will see more cyber activity read more about CISA Calls For Increased Vigilance One Year After Ukraine Russian Invasion. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage ...