Tag: russia
-
US Crackdown With Microsoft: Over 100 Russian Domains Seized
In the most recent US crackdown with Microsoft, a total of 107 Russian domains have been seized. Reports claim that these domains were mainly used by state-sponsored threat actors for malicious purposes. In this article, we’ll dive into the details of the US crackdown, the threat actor behind the malicious initiatives, and more. Let’s…
-
UAT-5647 Unleashes RomCom Malware in Attacks on Ukraine and Poland
In a sophisticated and persistent cyber campaign, the UAT-5647 threat actor group, known for its ties to Russian-speaking adversaries, has launched a series of targeted attacks against Ukrainian government and... First seen on securityonline.info Jump to article: securityonline.info/uat-5647-unleashes-romcom-malware-in-attacks-on-ukraine-and-poland/
-
Pro-Russian Threat Actors Launch Coordinated DDoS Attacks Against Japanese Organizations
Japan has become the latest target of pro-Russian hacktivists following the country’s move towards increased military cooperation with the US. According to a new report from cybersecurity researcher Marcin Nawrocki... First seen on securityonline.info Jump to article: securityonline.info/pro-russian-threat-actors-launch-coordinated-ddos-attacks-against-japanese-organizations/
-
Uncle Sam puts $10M bounty on Russian troll farm Rybar
Propaganda op focuses on anti-West narratives to meddle with elections First seen on theregister.com Jump to article: www.theregister.com/2024/10/18/us_rybar_bounty/
-
Russia-linked RomCom group targeted Ukrainian government agencies since late 2023
Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) targeting Ukrainian government agencies and Polish entities in a new wave of attacks since at least late 2023. In the recent attacks, RomCom…
-
Nation-state activity blurring with cybercrime
Microsoft’s Digital Defense Report 2024 noted that Russia ‘outsourced some cyberespionage operations’ against Ukraine to otherwise independent cybercrime gangs. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613660/Microsoft-Nation-state-activity-blurring-with-cybercrime
-
Operation Toy Soldier: U.S. Indicts Russian Hackers for Cyberattacks on Ukrainian Government
The U.S. Department of Justice announced the indictment of several members of Russia’s GRU Unit 29155 for their alleged role in a series of cyberattacks on Ukrainian government. This initiative, known as Operation Toy Soldier, highlights the ongoing threat posed by state-sponsored cyber activity, particularly Russia’s invasion of Ukraine. First seen on thecyberexpress.com Jump to article:…
-
Some Americans are still using Kaspersky’s antivirus despite US government ban
Not everyone in the U.S. has given up on the Russian-made antivirus. Some Americans have found ways to get around the ban and are still using Kaspersky’s antivirus. First seen on techcrunch.com Jump to article: techcrunch.com/2024/10/15/some-americans-are-still-using-kasperskys-antivirus-despite-u-s-government-ban/
-
Cybercriminals Are Increasingly Helping Russia and China Target the US and Allies, Microsoft Says
The growing collaboration between authoritarian governments and criminal hackers has alarmed national security officials and cybersecurity experts. The post Cybercriminals Are Increasingly Helping Russia and China Target the US and Allies, Microsoft Says appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cybercriminals-are-increasingly-helping-russia-and-china-target-the-us-and-allies-microsoft-says/
-
Some Americans are still using Kaspersky’s antivirus despite U.S. government ban
Not everyone in the U.S. has given up on the Russian-made antivirus. Some Americans have found ways to get around the ban and are still using Kaspersky’s antivirus. First seen on techcrunch.com Jump to article: techcrunch.com/2024/10/15/some-americans-are-still-using-kasperskys-antivirus-despite-u-s-government-ban/
-
Imperva Defends Against Targeted Exploits Used By APT29 Hackers
Recently, U.S. and U.K. cyber agencies have warned of a renewed wave of attacks led by Russian APT29 hackers. These sophisticated threat actors have been actively exploiting vulnerabilities in Zimbra Collaboration Suite and JetBrains TeamCity, specifically CVE-2022-27924 and CVE-2023-42793, to target critical systems. At Imperva, we are committed to ensuring our customers remain secure from…
-
Happy United States of America’s Columbus Day October 14, 2024
A Proclamation on Columbus Day, 2024 Today, we celebrate the proud heritage of Italian Americans in our Nation, whose contributions and character have shaped our country’s soul. I believe we are the only Nation in the world with a heart and soul that draws from old and new. For some Italian-American families,…
-
Ukraine cyber cops collar man who hooked citizens up to Russian internet
‘Self-taught hacker’ facing a possible 15 years in the slammer First seen on theregister.com Jump to article: www.theregister.com/2024/10/11/ukraine_startup_russia_vpn/
-
Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale
U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) targets vulnerable Zimbra and JetBrains TeamCity servers as part of a mass-scale campaign, U.S. and U.K. cyber agencies warned. The Federal Bureau…
-
The FBI Made a Crypto Coin Just to Catch Fraudsters
Plus: New details emerge in the National Public Data breach, Discord gets blocked in Russia and Turkey over alleged illegal activity on the platform, and more. First seen on wired.com Jump to article: www.wired.com/story/fbi-cryptocurrency-pump-and-dump/
-
NSA, FBI, and Allies Expose Ongoing Russian Cyber Espionage Operations
Recently, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC)... First seen on securityonline.info Jump to article: securityonline.info/nsa-fbi-and-allies-expose-ongoing-russian-cyber-espionage-operations/
-
Ukraine police arrest hacker for operating illegal VPN service to access sanctioned Russian sites
First seen on therecord.media Jump to article: therecord.media/ukraine-police-arrest-vpn-operator-russia
-
Agencies warn about Russian government hackers going after unpatched vulnerabilities
The SVR is conducting its targeting both specifically and broadly, the U.S. and U.K. cyber agencies said. First seen on cyberscoop.com Jump to article: cyberscoop.com/agencies-warn-about-russian-government-hackers-going-after-unpatched-vulnerabilities/
-
Russian court websites down after breach claimed by pro-Ukraine hackers
First seen on therecord.media Jump to article: therecord.media/russian-court-websites-down-attack-claimed-pro-ukraine-group
-
Russia’s SVR Targets Zimbra, TeamCity Servers for Cyber Espionage
Russian-backed APT29 has been spying on US and European organizations since at least 2021, a US-UK joint advisory said First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russias-svr-targets-zimbra/
-
EU Plans Sanctions for Cyberattackers Acting on Behalf of Russia
The European Union’s new sanctions framework will target individuals and organizations engaging in pro-Russian activities such as cyberattacks and information manipulation to undermine EU support for Ukraine. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/eu-sanctions-sabotage-cyberattacks-russia
-
Ukraine arrests rogue VPN operator providing access to Runet
Ukraine’s cyber police have arrested a 28-year-old man who operated a massive virtual private network (VPN) service, allowing people from within the country to access the Russian internet (Runet). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/ukraine-arrests-rogue-vpn-operator-providing-access-to-runet/
-
US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers
U.S. and U.K. cyber agencies warned today that APT29 hackers linked to Russia’s Foreign Intelligence Service (SVR) target vulnerable Zimbra and JetBrains TeamCity servers “at a mass scale.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-uk-warn-of-russian-apt29-hackers-targeting-zimbra-teamcity-servers/
-
NSA cyber chief: Espionage is now Russia’s focus for cyberattacks on Ukraine
First seen on therecord.media Jump to article: therecord.media/russia-ukraine-espionage-luber-nsa
-
Russian cyber firm Dr.Web denies data leak by pro-Ukraine hackers
First seen on therecord.media Jump to article: therecord.media/russian-antivirus-company-drweb-denies-data-leak
-
NSA cyber director: Espionage is now Russia’s focus for cyberattacks on Ukraine
First seen on therecord.media Jump to article: therecord.media/russia-ukraine-espionage-luber-nsa
-
Nearly 100 arrested in Russian crypto exchange crackdown
First seen on scworld.com Jump to article: www.scworld.com/brief/nearly-100-arrested-in-russian-crypto-exchange-crackdown
-
Awaken Likho APT leverages new tools in recent attacks against Russia
First seen on scworld.com Jump to article: www.scworld.com/brief/awaken-likho-apt-leverages-new-tools-in-recent-attacks-against-russia
-
Recent Dr.Web cyberattack claimed by pro-Ukrainian hacktivists
A group of pro-Ukrainian hacktivists has claimed responsibility for the September breach of Russian security company Doctor Web (Dr.Web). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/recent-drweb-breach-claimed-by-dumpforums-pro-ukrainian-hacktivists/
-
Awaken Likho APT group targets Russian government with a new implant
A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A recent investigation by Kaspersky researchers into the APT group Awaken Likho (aka Core Werewolf and PseudoGamaredon) uncovered a new campaign from June to August 2024, showing a shift from UltraVNC to the MeshCentral platform for…