russian
-
The growing use of managed security services make the ploys by STAC5143 and STAC5777 believable.
-
Russian cybercriminals are adopting a scam in which they pose as tech support on Microsoft Teams to convince victims they have an IT issue before tricking employees into allowing them to install ransomware on the targets’ computer networks. British cybersecurity company Sophos reported on Thursday to have seen more than 15 incidents in which two…
-
Ukraine has restored the infrastructure of its state registers, which were disrupted last month by a major cyberattack believed to have been carried out by Russian military intelligence hackers. In a statement on Monday, the Ukrainian Ministry of Justice — responsible for managing around 60 state databases — confirmed that the critical registers are now…
-
Russia’s Rostelecom said that it was responding to a cyberattack on a contractor that helps to run its corporate website and procurement portal.
-
Microsoft Threat Intelligence has identified a concerning strategic shift by the notorious Russian threat actor group “Star Blizzard.” Known for its spear-phishing campaigns targeting government, diplomatic, and civil society sectors, the group has now expanded its tactics to compromise WhatsApp accounts. In mid-November 2024, Microsoft observed Star Blizzard employing a novel method in their phishing…
-
Russian internet service provider Nodex confirmed on Tuesday that its network was “destroyed” in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance […]
-
Russian internet provider Nodex reported on Tuesday that its network had been ruined in a cyberattack, which it suspects originated from Ukraine. In a statement on the Russian social media platform VKontakte, the St. Petersburg-based company said the “planned” attack “destroyed” its infrastructure overnight. Nodex added that it was working to restore systems from backups…
-
Suspected Russian threat actors have disrupted most Ukrainian state registers as part of a massive cyberattack that has prompted the processing of the country’s births, marriages, and deaths on paper, according to The Record, a news site by cybersecurity firm Recorded Future.
-
Suspected Russian threat actors have disrupted most Ukrainian state registers as part of a massive cyberattack that has prompted the processing of the country’s births, marriages, and deaths on paper, according to The Record, a news site by cybersecurity firm Recorded Future.
-
Earlier this month, the United Kingdom’s National Crime Agency (NCA) unveiled the most complex investigation that staff can remember. Over nearly four years, Operation Destabilise involved almost everyone at the agency. What those staff uncovered was unprecedented for law enforcement: the complete financial chain connecting street-level drug dealing to the multibillion-dollar money-laundering operations that underpin…
-
U.K. investigators tell the story of how examining a cybercrime group’s extortion funds helped to unravel a money-laundering network reaching from the illegal drug trade to Moscow’s elite.
-
US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. Arrested in Israel, he awaits extradition to the U.S. Panev was arrested in Israel in August and is awaiting extradition to the U.S.…
-
The European Council announced on Monday it was sanctioning 16 individuals and three entities “responsible for Russia’s destabilising actions abroad.”
-
Dec 16, 2024Ravie LakshmananCyber Attack / Cyber Espionage
-
A new report from Microsoft Threat Intelligence reveals that the Russian state-sponsored threat actor known as Secret Blizzard (also tracked as Turla, Waterbug, Venomous Bear, Snake, Turla Team, and Turla APT Group) is employing increasingly unconventional tactics in its ongoing cyber espionage campaign against Ukraine. The group has been observed hijacking the tools and infrastructure…
-
After co-opting the tools and infrastructure of another nation-state threat actor to facilitate espionage activities, as detailed in our last blog, Russian nation-state actor Secret Blizzard used those tools and infrastructure to compromise targets in Ukraine. Microsoft Threat Intelligence has observed that these campaigns consistently led to the download of Secret Blizzard’s custom malware, with…
-
Researchers at the Lookout Threat Lab have uncovered two sophisticated Android spyware families, BoneSpy and PlainGnome, attributed to the Russian-aligned Advanced Persistent Threat (APT) group Gamaredon. Also known as Primitive Bear or Shuckworm, Gamaredon has been linked to the Russian Federal Security Service (FSB), with this being the first known instance of their mobile surveillance…