Lucene search
K

14 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2026/05/21 12:0 a.m.15 views

One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign

A solo Russian-speaking threat actor ran a 5-year Telegram channel and, starting September 2025, used AI to automate its content, credential theft, and a cryptocurrency fraud scheme targeting American audiences...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/05 10:10 a.m.19 views

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, ...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/09 3:28 p.m.16 views

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia and Uzbekistan. Th...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/17 3:30 p.m.6 views

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR.net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future's Insikt Group between June...

6.6AI score
Exploits0
HackRead
HackRead
added 2025/01/29 10:14 p.m.5 views

Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware

UAC-0063: A Russian-linked threat actor targeting Central Asia and Europe with sophisticated cyberespionage campaigns, including weaponized documents, data…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/26 4:6 a.m.18 views

CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities

The Computer Emergency Response Team of Ukraine CERT-UA has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. "The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/11 7:54 a.m.63 views

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/06 8:2 a.m.64 views

Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure

The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates th...

7.8CVSS7.2AI score0.97798EPSS
Exploits49
The Hacker News
The Hacker News
added 2023/06/15 10:1 a.m.30 views

New Report Reveals Shuckworm's Long-Running Intrusions on Ukrainian Organizations

The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/06/14 4:0 p.m.54 views

Cadet Blizzard emerges as a novel and distinct Russian threat actor

As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian state-sponsored...

9.3CVSS8.1AI score0.99999EPSS
Exploits278
The Hacker News
The Hacker News
added 2023/06/12 7:30 a.m.29 views

Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme

A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2022/08/25 6:47 p.m.332 views

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw. Hikvision – short for Hangzhou Hikvision Digital Technology – is a Chinese state-owned manufacturer of video surveillance equipment. Their customers...

9.8CVSS10AI score0.99869EPSS
Exploits23References2
hivepro
hivepro
added 2022/03/18 8:27 a.m.244 views

Russian threat actor UAC-0056 targets European countries

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The Governmental Computer Emergency Response Team of Ukraine CERT-UA has released an alert about a Russian threat actor UAC-0056 SaintBear, UNC2589, TA471 delivering malwares using email attachments. UNC2589 is a cyber...

9.3CVSS8.4AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2021/01/20 4:59 a.m.12 views

SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWin...

6AI score
Exploits0
Rows per page
Query Builder