Lucene search
K

9 matches found

Securelist
Securelist
added 2025/06/09 10:0 a.m.26 views

Sleep with one eye open: how Librarian Ghouls steal data by night

Introduction Librarian Ghouls, also known as "Rare Werewolf" and "Rezet", is an APT group that targets entities in Russia and the CIS. Other security vendors are also monitoring this APT and releasing analyses of its campaigns. The group has remained active through May 2025, consistently targetin...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/21 10:28 a.m.52 views

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. "Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control C2 servers...

9.1CVSS9.5AI score0.99999EPSS
Exploits112
Securelist
Securelist
added 2025/03/13 10:0 a.m.30 views

Head Mare and Twelve join forces to attack Russian entities

Introduction In September 2024, a series of attacks targeted Russian companies, revealing indicators of compromise and tactics associated with two hacktivist groups: Head Mare and Twelve. Our investigation showed that Head Mare relied heavily on tools previously associated with Twelve...

9.1CVSS8.6AI score0.99999EPSS
Exploits112
The Hacker News
The Hacker News
added 2025/01/27 7:59 a.m.11 views

GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy , which is assessed to share overla...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/20 4:31 p.m.117 views

OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million Scheme

A Russian-speaking ransomware group dubbed OldGremlin has been attributed to 16 malicious campaigns aimed at entities operating in the transcontinental Eurasian nation over the course of two and a half years. "The group's victims include companies in sectors such as logistics, industry, insurance...

7.8CVSS0.2AI score0.28307EPSS
Exploits16
Malwarebytes
Malwarebytes
added 2022/08/03 9:0 p.m.1191 views

Woody RAT: A new feature-rich malware spotted in the wild

This blog post was authored by Ankur Saini and Hossein Jazi The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan we are calling Woody Rat that has been in the wild for at least one year. This advanced custom Rat is mainly the work of a threat actor that targets...

9.3CVSS0.3AI score0.99374EPSS
Exploits62
HackRead
HackRead
added 2022/04/11 11:41 p.m.15 views

Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails

By Waqas Anonymous has taken Operation OpRussia a step further by targeting Aerogas, Forest, and Petrovsky Fort, which happened to… This is a post from HackRead.com Read the original post: Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/03/12 11:54 a.m.15 views

Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools

Update March 12, 2022: Cisco Talos has updated the IOC section with additional hashes. Executive summary Opportunistic cybercriminals are attempting to exploit Ukrainian sympathizers by offering malware purporting to be offensive cyber tools to target Russian entities. Once downloaded, these...

3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/22 7:16 p.m.96 views

MSHTML attack targets Russian state rocket centre and interior ministry

Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities. The Malwarebytes Intelligence team has intercepted email attachments that are specifically targeting Russian organizations. The first template we found is designe...

6.8CVSS0.96843EPSS
Exploits38
Rows per page
Query Builder