Microsoft Issues Report of Russian Cyberattacks against Ukraine

Microsoft has a comprehensive report on the dozens of cyberattacks -- and even more espionage operations -- Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat APT actors and other unattributed threats, have conducted destructive attacks,...

Cyberattacks Rage in Ukraine, Support Military Operations

Cyberattacks against Ukraine have been used strategically to support ground campaigns, with five state-sponsored advanced persistent threat APT groups behind attacks that began in February. According to research published by Microsoft on Wednesday, the APTs involved in the campaigns are...

Cyberattacks Rise Targeting Infrastructure and Geo Tensions

Trellix Threat Labs Research Report: Cyberattacks Targeting Critical Infrastructure Rise Along with Geopolitical Tensions By Trellix · April 27, 2022 The release of our Trellix Threat Labs Research Report: April 2022 examines cybercriminal behavior and activity related to cyber threats in the...

Cyberattacks Rise Targeting Infrastructure and Geo Tensions

Trellix Threat Labs Research Report: Cyberattacks Targeting Critical Infrastructure Rise Along with Geopolitical Tensions By Trellix · April 27, 2022 The release of our Trellix Threat Labs Research Report: April 2022 examines cybercriminal behavior and activity related to cyber threats in the...

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

New Incident Report Reveals How Hive Ransomware Targets Organizations

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the...

CISA Adds Nine Known Exploited Vulnerabilities to Catalog

CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly add...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

Microsoft Takedown Domains Used in Cyberattack Against Ukraine

Microsoft seized seven domains it claims were part of ongoing cyberattacks by what it said are state-sponsored Russian advanced persistent threat actors that targeted Ukrainian-related digital assets. The company obtained court orders to take control of the domains it said were used by Strontium,...

How Russia's Invasion Triggered a US Crackdown on Its Hackers

The Biden White House is using “all of the levers of national power” to counter—or preempt—cyberattacks by Russia’s most dangerous hacker groups...

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

The US Department of Justice DoJ and Microsoft have taken the sting out of two operations believed to be controlled by the Russian Federation’s Main Intelligence Directorate GRU. On Wednesday, the DOJ announced that it had disrupted GRU’s control over thousands of internet-connected firewall...

Forrester names Microsoft a Leader in 2022 Enterprise Detection and Response Wave™ report

We are excited to share that Microsoft has been named a leader in The Forrester Wave: Enterprise Detection and Response, Q1 2022. Microsoft received one of the highest scores in the strategy category and strength of current offering category. In the Forrester Wave assessment, Microsoft Defender f...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

CISA advises D-Link users to take vulnerable routers offline

On April 4 2022, the Cybersecurity & Infrastructure Security Agency CISA added CVE-2021-45382 to its known exploited vulnerabilities catalog. But since the affected products have reached end of life EOL, the advice is to disconnect them, if still in use. CISA catalog The CISA catalog of known...

Mitigating Spring Core “Spring4Shell” Zero-Day

When Spring, the Java-based application, fell victim to cyberattacks, Akamai's Adaptive Security Engine detected zero-day attacks and protected customers against them...

Attacks on Ukraine communications are a major part of the war

Since the start of the Russian invasion of Ukraine, the war on the battlefield has been accompanied by cyber attacks. Those attacks against critical infrastructure have knocked out banking and defense platforms, mostly by targeting several communication systems. In a timeline set up by NetBlocks,...

Satellites are critical infrastructure and need to be cybersecured

In the context of this article we will use the term satellite for a machine that is launched into space and moves around Earth. And there might be a lot more of them than you would expect—this live map tracks a huge number of satellites. Originally most of earth’s satellites were launched for...

A week in security (March 21 – 27)

Last week on Malwarebytes Labs: Anti-war open-source software developer targets Russians and Belarussians with “protestware” Elden Ring exploit traps players in infinite death loop Update now! Many HP printers affected by three critical security vulnerabilities White House urges US businesses:...

White House urges US businesses: Protect against potential Russian cyberattacks

On Monday, the White House told US business leaders to toughen up their cybersecurity defenses against a potential cyberattack from Russia. "The Biden-Harris Administration has warned repeatedly about the potential for Russia to engage in malicious cyber activity against the United States in...

White House Warns of Possible Russian Cyberattacks

News: The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion. … Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors...