15 matches found
Proxy Services Feast on Ukraine’s IP Address Exodus
Image: Mark Rademaker, via Shutterstock. Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of...
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress
The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia. Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on th...
Cadet Blizzard emerges as a novel and distinct Russian threat actor
As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian state-sponsored...
Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion
A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims...
Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up
By Jon Munshaw. Welcome to this weeks edition of the Threat Source newsletter. Im very excited about this video -- its a project Ive been working on with my team for a while now. Building off what Ive written about in the past regarding fake news, this video examines what essentially equates to t...
Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware
An ongoing espionage campaign operated by the Russia-linked Gamaredon group is targeting employees of Ukrainian government, defense, and law enforcement agencies with a piece of custom-made information stealing malware. "The adversary is using phishing documents containing lures related to the...
Gamaredon APT targets Ukrainian government agencies in new campaign
By Asheer Malhotra and Guilherme Venere. Cisco Talos recently identified a new, ongoing campaign attributed to the Russia-linked Gamaredon APT that infects Ukrainian users with information-stealing malware. The adversary is using phishing documents containing lures related to the Russian invasion...
Ukrainian Website Threat Landscape Throughout 2022
The Russian invasion of Ukraine began on February 20, 2022. By mid-March it was clear the cyber-war had begun, and the attacks have been consistent ever since. Prior to this, on March 1, 2022, Wordfence reported on an attack campaign on Ukrainian university websites. In response, we deployed our...
Threat Advisory: DoubleZero
Overview The Computer Emergency Response Team of Ukraine released an advisory on March 22, 2022 disclosing another wiper dubbed "DoubleZero" targeting Ukrainian enterprises during Russia's invasion of the country. This wiper was detected as early as March 17, 2022. DoubleZero is yet another...
Phishing Campaign Targeted Those Aiding Ukraine Refugees
Cyberattackers used a compromised Ukrainian military email address to phish EU government employees who’ve been involved in managing the logistics of refugees fleeing Ukraine, according to a new report. Ukraine has been at the center of an unprecedented wave of cyberattacks in recent weeks and...
Ukraine Universities Hacked As Russian Invasion Started
Note: This article has been updated to reflect that the hosting provider "Njalla", which routed the malicious traffic involved in this attack, is based in Sweden, not in Finland, although IP geolocation data indicates that the specific server that the traffic transited may be based in Finland. We...
Second New 'IsaacWiper' Data Wiper Targets Ukraine After Russian Invasion
A new data wiper malware has been observed deployed against an unnamed Ukrainian government network, a day after destructive cyber attacks struck multiple entities in the country preceding the start of Russia's military invasion. Slovak cybersecurity firm ESET dubbed the new malware "IsaacWiper,"...
Global Cyberattacks Tied to the Russian Invasion of Ukraine
Cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices to manage your cyber risk...
Global Cyberattacks Tied to the Russian Invasion of Ukraine
Cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices to manage your cyber risk...
‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites
Cyberattackers brought down around 70 Ukrainian government websites on Friday, defacing the site of the foreign ministry with a message to “Be afraid and expect the worst.” The huge attack hit on Friday, unfolding hours after Russia and Western allies wrapped up fruitless talks intended to...