Security Affairs

SEPTEMBER 8, 2022

Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022. TAG assesses UAC-0098 acted as an initial access broker for various ransomware groups including Quantum and Conti, a Russian cybercrime gang known as FIN12 / WIZARD SPIDER.” ” concludes TAG.

Ransomware 135

Ransomware Government Phishing IT 135

Security Affairs

APRIL 3, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Apr 02 – Ukraine intelligence leaks names of 620 alleged Russian FSB agents. Mar 31 – Google TAG details cyber activity with regard to the invasion of Ukraine. Pierluigi Paganini.

Personal data 98

Personal data Phishing Security IT 98

Security Affairs

MARCH 13, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Russian Internet watchdog Roskomnadzor is going to ban Instagram in Russia to prevent the spreading of info related to the Ukraine invasion. March 8 – Google TAG: Russia, Belarus-linked APTs targeted Ukraine.

Blockchain 96

Blockchain Phishing Military Passwords 96

KnowBe4

MARCH 10, 2023

A look back at the last year of attacks on Ukraine by Google’s Threat Analysis Group (TAG) provides insight into attacks on NATO countries to gain a cyberspace advantage.

Security awareness 65

Security awareness Phishing Security 65

Security Affairs

JULY 10, 2023

Threat actors are targeting NATO and groups supporting Ukraine in a spear-phishing campaign distributing the RomCom RAT. On July 4, the BlackBerry Threat Research and Intelligence team uncovered a spear phishing campaign aimed at an organization supporting Ukraine abroad. docx “).

Phishing 89

Phishing Government IT Security 89

Security Affairs

MARCH 20, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the previous weeks: March 18 – China-linked threat actors are targeting the government of Ukraine. March 15 – CaddyWiper, a new data wiper hits Ukraine.

Cloud 94

Cloud Government Risk Information Security 94

Security Affairs

MARCH 9, 2022

The campaign took place in February and Google Threat Analysis Group (TAG) team was not able to link it to the ongoing invasion of Ukraine. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. government.

Government 97

Government Phishing Military IT 97

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Security 97

Security Data breaches Government Analytics 97

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Security 108

Security e-Discovery Artificial Intelligence Ransomware 108

Security Affairs

APRIL 3, 2022

Sophos Firewall affected by a critical authentication bypass flaw Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict Security Affairs newsletter Round 358 by Pierluigi Paganini Western Digital addressed a critical bug in My Cloud OS 5 CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog. And how to prevent it?

Security 91

Security Authentication Ransomware Cloud 91

Security Affairs

JANUARY 9, 2023

Cybersecurity and intelligence experts observed an escalation in the activity associated with the Cold River APT since the invasion of Ukraine. In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. ” reads the report.

Military 90

Military Phishing Cybersecurity Passwords 90

Security Affairs

AUGUST 7, 2020

Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report , a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. response to COVID-19.

Government 104

Government IT Security Information Security 104

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. Is it fake news? Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security 95

Security Data breaches Ransomware Manufacturing 95

Security Affairs

JUNE 6, 2022

USA) has identified an increase in activity within hacktivist groups, they’re leveraging current geopolitical tensions between the Ukraine and Russia to perform cyber-attacks. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”. Resecurity, Inc.

Government 141

Government Cybersecurity IoT Security 141

Security Affairs

MAY 24, 2021

Unlike other variants of the Vega ransomware, the Zeppelin ransomware doesn’t infect users in Russia or other ex-USSR countries like Ukraine, Belorussia, and Kazakhstan. The malware was available for sale at a price tag of $2,300 per core build, but they offered individual conditions to their subscribers.

Ransomware 129

Ransomware Encryption Sales Security 129

Security Affairs

JUNE 5, 2021

“The Trickbot Group operated in Russia, Belarus, Ukraine, and Suriname, and primarily targeted victim computers belonging to businesses, entities, and individuals, including those in the Northern District of Ohio and elsewhere in the United States. The Trickbot gang operated in Russia, Belarus, Ukraine, and Suriname.

Ransomware 119

Ransomware Encryption Government Security 119

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Security 85

Security Ransomware Data breaches Cybersecurity 85

Security Affairs

MAY 9, 2022

The attacks were also reported by Google’s TAG team, which confirmed they were for intelligence purposes. In recent campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Phishing 89

Phishing Government Archiving Cybersecurity 89

Security Affairs

AUGUST 9, 2023

Within the file, there were seven brackets of PHP tags and each of them contained an obfuscated piece of code within. The PHP tags were stacked on top of each other, having legitimate code of the website at the very bottom. Therefore, if the syntax was correct, it ran the malicious code before serving the actual website being visited.

Access 97

Access IT Security Information Security 97

Krebs on Security

NOVEMBER 28, 2022

Pushwoosh employees posing at a company laser tag event. ” In April 2022, roughly 4,500 Army personnel converged on the National Training Center for a war games exercise on how to use lessons learned from Russia’s war against Ukraine to prepare for future fights against a major adversary such as Russia or China. .”

Government 228

Government Risk IT Marketing 228

Security Affairs

SEPTEMBER 8, 2019

The campaign tag “ The spyware also automatically signs up victims for premium service subscriptions for various advertisements, the malware is able to automate the necessary interaction with the premium offer’s webpage, including intercepting the SMS containing the confirmation code. The C&C URL 6.

Encryption 104

Encryption Security IT Information Security 104

Security Affairs

JANUARY 18, 2024

The APT primarily targets NATO countries, but experts also observed campaigns targeting the Baltics, Nordics, and Eastern Europe regions, including Ukraine. Google TAG researchers warn that COLDRIVER is evolving tactics, techniques and procedures (TTPs), to improve its detection evasion capabilities. ” reads TAG’s analysis.

Phishing 106

Phishing Encryption Military Archiving 106

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Security 95

Security Artificial Intelligence Data breaches Ransomware 95

Security Affairs

NOVEMBER 20, 2023

Google TAG experts also observed the Russia-linked ATP28 group exploiting the flaw in attacks against Ukraine users. In September, CERT-UA observed the FROZENLAKE group exploitingthe WinRAR flaw to deploy malware in attacks aimed at energy infrastructure.

Sales 112

Sales Archiving Communications Phishing 112

Security Affairs

APRIL 12, 2019

In mid-March , a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. Figure 4: Payload stored in “Company” tag of document metadata. Introduction.

Passwords 98

Passwords Metadata Military Government 98

Archive-It

OCTOBER 23, 2019

The videos, preserved with the planning and generosity of former GOP Congressperson and HFAC Chair Ed Royce , appear to show consistent bipartisan support for Ukraine. What can these videos teach us about the GOP-led HFAC’s approach to Ukraine? Potentially volumes.

Archiving 20

Archiving Paper Government Risk 20

Architect Security

SEPTEMBER 24, 2020

If you post a photo to Facebook, its own enormous custom facial recognition database can identify other Facebook users, and in some cases it will prompt you to tag them. If you have uploaded any non–GPS tagged images to Google Photos, you may have noticed that they may still show location information.

Metadata 49

Metadata Artificial Intelligence Libraries Retail 49

eSecurity Planet

NOVEMBER 2, 2022

2017 saw a pirated version of Petya, called “ NotPetya ,” hit multiple European countries in a major cyber attack, most notably Ukraine and Germany. It later evolved to also include file encryption. Petya was initially developed by a group called Janus Cybercrime Solutions as part of its ransomware-as-a-service (RaaS) platform.

Ransomware 135

Ransomware Cybersecurity Passwords Access 135