11 matches found
Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia
Angry Likho APT resurfaces, targeting Russian and Belarusian organizations with Lumma Stealer malware via phishing attacks, stealing credentials, banking data, and more...
SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign
The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, whic...
VirusBlokAda VBA32 Buffer Error Vulnerability
VirusBlokAda VBA32 is an anti-virus software from the Belarusian company VirusBlokAda. It is used for personal computers running Microsoft Windows. It detects and eliminates computer viruses, computer worms, Trojan horses and other malware backdoors, adware, spyware, etc. in real time on demand. ...
Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus
A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle AitM attacks at the...
PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland
Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023,...
Malicious campaigns target government, military and civilian entities in Ukraine, Poland
Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations and civilian users in Ukraine and Poland. We judge that these operations are very likely aimed at stealing information and gaining persistent remote access. The activity we...
Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware
Researchers are tracking a number of open-source "protestware" projects on GitHub that have recently altered their code to display "Stand with Ukraine" messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to...
Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia's invasion of Ukraine. Google's Threat Analysis Group TAG said it took down two Blogspot domains that were used b...
Hackers Try to Target European Officials to Get Info on Ukrainian Refugees, Supplies
Details of a new nation-state sponsored phishing campaign have been uncovered setting its sights on European governmental entities in what's seen as an attempt to obtain intelligence on refugee and supply movement in the region. Enterprise security company Proofpoint, which detected the malicious...
Wired Unpacks Stuxnet Mystery
You might think that everything that needs to be written on Stuxnet already has. After all, Threatpost has spilled virtual column inches on the stealthy worm, which targeted Siemens Simatic S7 programmable logic controllers. That’s in addition to posts by the likes of Symantec, McAfee and the...
ID Theft Services Domain Shut Down by Feds
Two Belarusian nationals suspected of operating a rent-a-fraudster service for bank and identity thieves have been arrested overseas, according to New York authorities, who unsealed an indictment for one of the suspects. Read the full article. Wired...