Lucene search
+L

43 matches found

Securelist
Securelist
added 2025/12/19 10:0 a.m.12 views

Cloud Atlas activity in the first half of 2025: what changed

Known since 2014, the Cloud Atlas group targets countries in Eastern Europe and Central Asia. Infections occur via phishing emails containing a malicious document that exploits an old vulnerability in the Microsoft Office Equation Editor process CVE-2018-0802 to download and execute malicious cod...

9.3CVSS8.8AI score0.93289EPSS
Exploits7
HackRead
HackRead
added 2025/08/12 3:26 p.m.17 views

Russian-Linked Curly COMrades Deploy MucorAgent Malware in Europe

A new report from Bitdefender reveals the Russian-linked hacking group Curly COMrades is targeting Eastern Europe with a…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/23 1:12 p.m.14 views

XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut LNK files as part of a multi-stage procedure to depl...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/15 10:5 a.m.38 views

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting XSS vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which...

5.3CVSS8AI score0.84456EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/03/04 9:1 a.m.16 views

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Internet service providers ISPs in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk Threat Research Team, which said the activity...

7AI score
Exploits0
Securelist
Securelist
added 2024/12/23 10:0 a.m.41 views

Cloud Atlas seen using a new tool in its attacks

Introduction Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We're shedding light on a previously undocumented toolset, which the group used heavily in 2024. Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formul...

7.8CVSS8.4AI score0.93289EPSS
Exploits7
Wired Threat Level
Wired Threat Level
added 2024/12/13 10:0 a.m.9 views

As the Mastermind of Far-Right ‘Active Clubs’ Goes to Prison, His Violent Movement Goes Global

The white supremacist Robert Rundo faces years in prison. But the “Active Club” network he helped create has proliferated in countries around the world, from Eastern Europe to South America...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/17 1:32 p.m.62 views

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the...

7.4AI score
Exploits0
HackRead
HackRead
added 2024/02/21 7:0 p.m.12 views

Top Software Development Outsourcing Trends

By Uzair Amir Eastern Europe is swiftly rising to prominence in the software development outsourcing sector. This ascendance is marked not… This is a post from HackRead.com Read the original post: Top Software Development Outsourcing Trends...

7.2AI score
Exploits0
Securelist
Securelist
added 2023/10/18 10:0 a.m.90 views

Updated MATA attacks industrial companies in Eastern Europe

In early September 2022, we discovered several new malware samples belonging to the MATA cluster. As we were collecting and analyzing the relevant telemetry data, we realized the campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil an...

5.1CVSS7.4AI score0.80667EPSS
Exploits11
HackRead
HackRead
added 2023/08/01 5:24 p.m.20 views

Chinese APT Group Hits Air-Gapped Systems in Europe with Malware

By Deeba Ahmed Industrial organizations in Eastern Europe are the prime targets of this data-harvesting campaign. This is a post from HackRead.com Read the original post: Chinese APT Group Hits Air-Gapped Systems in Europe with Malware...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/11 2:45 p.m.2 views

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

A previously undetected advanced persistent threat APT actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. "Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/11 2:45 p.m.66 views

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

A previously undetected advanced persistent threat APT actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. "Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/10 2:0 a.m.36 views

Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020

This blog post was authored by Malwarebytes' Roberto Santos and Fortinet's Hossein Jazi While the official conflict between Russia and Ukraine began in February 2022, there is a long history of physical conflict between the two nations, including the 2014 annexation of Crimea by Russia and when t...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/13 9:7 a.m.4 views

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/29 9:17 a.m.39 views

Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware

Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors ... can be silent for years, show no network activity or any other signs of presence...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/29 9:17 a.m.4 views

Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware

Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors ... can be silent for years, show no network activity or any other signs of presence...

6.6AI score
Exploits0
HackRead
HackRead
added 2023/03/08 6:25 p.m.26 views

Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware

By Deeba Ahmed Currently, scammers are using DBatLoader malware loader to distribute Remcos RAT to businesses and institutions across Eastern Europe. This is a post from HackRead.com Read the original post: Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware...

2.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/11 11:11 a.m.2 views

Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users

Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "use several highly obfuscated and under-development custom loaders in order to infect...

7.8CVSS6.7AI score0.09011EPSS
Exploits7
The Hacker News
The Hacker News
added 2022/08/16 9:35 a.m.53 views

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "highly persistent threat actor" whose objectives align closely with Russian state interests. The company is tracking the espionage-oriented activity cluster under its chemical element-themed moniker...

0.8AI score
Exploits0
Rows per page
Query Builder