
24 matches found

The Hacker News
added 2026/03/28 7:7 a.m., 17 views

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as...

AI score: 6.1
Exploits: 0

The Hacker News
added 2024/10/11 8:34 a.m., 34 views

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to...

CVSS: 9.8, AI score: 10, EPSS: 0.99979
Exploits: 19

ICS
added 2024/09/05 12:0 p.m., 88 views

Russian Military Cyber Actors Target US and Global Critical Infrastructure

Summary: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible...

CVSS: 10, AI score: 9.3, EPSS: 0.99999
Exploits: 434, References: 193

The Hacker News
added 2024/03/09 4:1 a.m., 48 views

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that...

AI score: 7.7
Exploits: 0

The Hacker News
added 2024/02/27 10:34 a.m., 27 views

Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics

Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), a...

AI score: 8
Exploits: 0

The Hacker News
added 2024/02/02 2:49 p.m., 94 views

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing...

CVSS: 9.8, AI score: 8.5, EPSS: 0.97798
Exploits: 67

The Hacker News
added 2024/01/26 6:3 a.m., 48 views

Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs

Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise (HPE)...

AI score: 7.3
Exploits: 0

Microsoft Malware Protection
added 2023/12/07 12:1 p.m., 41 views

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 while...

AI score: 7.2
Exploits: 0

Microsoft Secure
added 2023/12/07 12:1 p.m., 24 views

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 while...

AI score: 7.2
Exploits: 0

The Hacker News
added 2023/02/08 6:16 a.m., 49 views

CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with...

AI score: 1.4
Exploits: 0

Talos Blog
added 2022/07/21 12:0 p.m., 375 views

Attackers target Ukraine using GoMet backdoor

Executive summary Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed at a large software...

CVSS: 10, AI score: 0.4, EPSS: 0.99999
Exploits: 69

CISA
added 2022/05/10 12:0 a.m., 14 views

U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United...

AI score: 1.9
Exploits: 0, References: 9

ICS
added 2022/05/02 12:0 p.m., 90 views

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Summary Multifactor Authentication MFA: A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization...

CVSS: 9, AI score: 10, EPSS: 0.99759
Exploits: 41, References: 56

Imperva Blog
added 2022/03/23 3:1 p.m., 10 views

CISA Warns CISOs to Brace for Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), a United States federal agency under the oversight of the Department of Homeland Security, is urging business leaders and those responsible for digital security to prepare for attacks and adapt their digital security posture. This is...

AI score: 0.3
Exploits: 0

The Hacker News
added 2022/03/18 4:52 a.m., 53 views

New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers

ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet's...

AI score: 1
Exploits: 0

CISA
added 2022/03/15 12:0 a.m., 126 views

Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols

CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured default multifactor authentication (MFA) protocols. The actors then exploited a critical Windows Print Spooler...

CVSS: 9, AI score: 3.1, EPSS: 0.99759
Exploits: 41, References: 5

ICS
added 2022/03/01 12:0 p.m., 97 views

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Summary: Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...

CVSS: 10, AI score: 9.9, EPSS: 0.99999
Exploits: 449, References: 104

hivepro
added 2022/02/18 12:20 p.m., 682 views

Russian state-sponsored cyber actors targeting U.S. critical infrastructure

THREAT LEVEL: Red. In a joint cybersecurity advisory, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA) revealed that Russian state-sponsored threat actors target...

CVSS: 9, AI score: 0.4, EPSS: 0.99999
Exploits: 56

Trend Micro Simply Security
added 2022/02/18 12:0 a.m., 16 views

This Week in Security News - February 18, 2022

SMS PVA services' use of infected Android phones reveals flaws in SMS verification, and 'Russian state-sponsored cyber actors' cited in hacks of U.S. defense contractors...

AI score: 2.7
Exploits: 0

ICS
added 2022/02/16 12:0 p.m., 102 views

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Summary: Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 202...

CVSS: 9.8, AI score: 10, EPSS: 0.99999
Exploits: 56, References: 164