

Ars Technica
USB worm unleashed by Russian state hackers spreads worldwide
LitterDrifter's means of self-propagation are simple. So why is it spreading so widely?
Bleeping Computer
A recently discovered worm that researchers call LitterDrifter has been spreading over USB drives, infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
Cyber Security News
Gamaredon (aka Primitive Bear, ACTINIUM, and Shuckworm) stands out in Russian espionage by exclusively targeting Ukrainian entities.
SecurityWeek
Russian Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB.
The Hacker News
A Russian cyber espionage group linked to the FSB is using a USB worm called LitterDrifter to target Ukrainian organizations.
The Record
On a recent trip to Kyiv, the Click Here team spoke with Illia Vitiuk, head of the cyber department of the Security Service of Ukraine, about the importance of an early operation with U.S. hunt teams and why he considers attacks on civil infrastructure “to be nothing but a war crime.”
The Hacker News
WinRAR users, be alert! Pro-Russian hackers exploited a recent vulnerability in the software. Ensure your version is updated!
Cyber Security News
This week's Threat and Vulnerability Roundup from Cyber Writes brings you the most recent cybersecurity news.
Infosecurity News
The attack has been carried out using legitimate services and standard software functions, CERT-UA observed
The Hacker News
Five Eyes intelligence alliance reveals a Russian state-sponsored actor, Sandworm, behind mobile malware 'Infamous Chisel' targeting Ukrainian
Infosecurity News
The Gamaredon group has ramped up attacks against Ukrainian military entities, with the aim of hindering Ukraine’s counter-offensive operations
The Record
The Moscow-backed hacking group known as Gamaredon is ramping up its attacks on Ukraine's military and government agencies amid the country’s long-awaited counteroffensive.
Infosecurity News
The group utilizes malware like GAMMASTEEL to rapidly exfiltrate files within 30-50 minutes
The Hacker News
New report reveals the alarming activities of Gamaredon, a notorious Russian hacking crew. They exploit email and messaging platforms to compromise.
The Record
The Moscow-linked hacking group Armageddon remains one of the most active and dangerous threat actors targeting Ukraine during its war with Russia, according to recent research.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial […]
Security Affairs
Ukraine’s Computer Emergency Response Team (CERT-UA) states that Russia-linked APT Gamaredon starts stealing data 30 minutes after the initial compromise. Ukraine’s Computer Emergency Response Team (CERT-UA) is warning that the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) steals data from victims’ networks in less than an hour after the initial compromise. Gamaredon has […]
Bleeping Computer
Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking group operates in rapid attacks, stealing data from breached systems in under an hour.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Law enforcement shutdown a long-standing DDoS-for-hire service A Russian national charged for committing LockBit Ransomware attacks […]
Cyber Security News
Ukraine remains under constant threat as the Russian state-sponsored hacking group Shuckworm (aka Armageddon or Gamaredon) continues to carry out numerous cyber attacks.
Security Affairs
Russia-linked APT group Gamaredon is using a new toolset in attacks aimed at critical organizations in Ukraine. The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Symantec researchers reported that in some cases, the cyberespionage group remained undetected in the […]
Ars Technica
Shuckworm's relentless attacks seek intel for use in Russia's invasion of Ukraine.
The Hacker News
Russian threat actor Shuckworm intensifies cyber assaults on Ukrainian entities, aiming to steal sensitive information.
Bleeping Computer
The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics.
DarkReading
ESET has released its APT Activity Report, which summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from October 2022 until the end of March 2023.
The Hacker News
A China-aligned threat actor has been targeting gambling companies in Southeast Asia since October 2021.
CSO
Documents from a Russian intelligence subcontractor provide insight into the Kremlin's cyberwar objectives and potential long-term threats to Western organizations.
DarkReading
Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.
Security Affairs
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a new wave of attacks against state authorities to deploy the Remcos software. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a phishing campaign aimed at state authorities that involves the use of the legitimate remote access software Remcos. The phishing emails, […]
The Hacker News
Russia-linked threat actor has been spotted targeting Ukraine with a new information-stealing malware called Graphiron.
The Hacker News
CERT-UA has issued a warning of cyber attacks targeting state authorities using a legitimate remote access software.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog GoAnywhere MFT zero-day flaw actively […]
Security Affairs
Russia-linked threat actor Gamaredon employed new spyware in cyber attacks aimed at public authorities and critical information infrastructure in Ukraine. The State Cyber Protection Centre (SCPC) of Ukraine warns of a new wave of targeted attacks conducted by the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa). The attacks aimed at public authorities and critical information […]
The Hacker News
Ukraine has warned about new strains of GammaLoad and GammaSteel malware that Russian-sponsored hackers are using in espionage operations.
Cyber Security News
During the monitored timespan, APT groups aligned with Russia have been observed to be heavily involved in cyber operations aimed at Ukraine.
The Record
The Russian-sponsored hacker group known as Gamaredon remains one of the “key cyber threats” for Ukraine’s cyberspace, according to a report.
The Hacker News
A new research report has revealed details about the NikoWiper wiper malware responsible for cyberattacks on Ukraine's energy sector.
The Record
The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia's Ministry of Defense.
CSO
Barriers that Microsoft has placed to prevent malicious macros have forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection.
The Hacker News
Russian state-sponsored cyber espionage group Gamaredon is back and targeting Ukraine's military and law enforcement entities through Telegram.
The Hacker News
New study by cybersecurity experts shows potential to identify relationships among threat actors by analyzing metadata of malicious LNK files.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom […]
SecurityWeek
Russia-linked Gamaredon, which provides services to other APTs, is one of the most intrusive, continuously active hacking groups targeting Ukraine.
The Hacker News
CERT-UA warns of a cyber attack targeting users of the DELTA military system via a compromised email account at the Ministry of Defense.
Ars Technica
As Russia's invasion of Ukraine grinds on, the country's hackers expand their targets.
Security Affairs
Russia-linked Gamaredon APT group targeted a large petroleum refining company in a NATO state this year amid the invasion of Ukraine. The Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) is behind a failed attack against a large petroleum refining company in a NATO member state earlier amid the invasion of Ukraine. Gamaredon […]
DarkReading
Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.
The Record
A hacking group associated with Russia’s Federal Security Service (FSB) unsuccessfully attempted to compromise a large petroleum refining company.
The Hacker News
Russian Hackers Target Major Petroleum Refining in NATO Member State During Russo-Ukrainian War
CyberScoop
The Russian hacking group Trident Ursa is mostly known for phishing campaigns targeting organizations in NATO states.
Infosecurity News
The report outlines recent APT group activity from Russia, China, Iran and North Korea
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. LastPass revealed that intruders had internal access for four days during the August hack CISA adds […]
Bleeping Computer
Russian hackers have been targeting Ukrainian entities with previously unseen info-stealing malware during a new espionage campaign that is still active.
Security Affairs
Russia-linked Gamaredon APT targets employees of the Ukrainian government, defense, and law enforcement agencies with a custom information-stealing malware. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) is targeting employees of the Ukrainian government, defense, and law enforcement agencies with a piece of a custom-made information stealer implant. The malicious code was designed to […]
The Hacker News
In an ongoing espionage campaign, Gamaredon APT Russian hackers are targeting employees of Ukrainian government, defense, and law enforcement agencies
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog TA558 cybercrime group targets hospitality […]
DarkReading
Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted more than two dozen attacks.
Security Affairs
Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed the ongoing cyber espionage campaign. Symantec and TrendMicro first discovered the Gamaredon […]
The Hacker News
Russian state-sponsored actors continue to attack Ukrainian entities with information-stealing malware in what appear to be cyber espionage attacks
Bleeping Computer
Threat analysts monitoring cyberattacks on Ukraine report that the operations of the notorious Russian state-backed hacking group 'Gamaredon' continue to heavily target the war-torn country.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks The […]
Security Affairs
360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. The instances of the malware spotted by the experts […]
Security Affairs
Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign using messages with subject “On revenge in Kherson!” and containing the “Plan Kherson.htm” attachment. The HTM-file will decode and create an archive named “Herson.rar”, which contains a file-shortcut […]
SecurityWeek
Google's Threat Analysis Group (TAG) observed an increased number of threat actors using cyberattack themes related to the war in Ukraine.
Security Affairs
Microsoft revealed that Russia launched hundreds of cyberattacks against Ukraine since the beginning of the invasion. Microsoft states that at least six separate Russia-linked threat actors launched more than 237 operations against Ukraine starting just before the invasion. The cyber attacks included destructive wipers that were used to target critical infrastructure in a hybrid war […]
Bleeping Computer
Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian hacking groups targeting the country's infrastructure and Ukrainian citizens.
Security Affairs
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion that occurred in the previous weeks: April 23 – Phishing attacks using the topic “Azovstal” targets Ukrainian entities Ukrainian CERT-UA warns of phishing […]
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. T-Mobile confirms Lapsus$ had access to its systems Are you using Java 15/16/17 or 18 […]
Security Affairs
Russia-linked threat actor Gamaredon targets Ukraine with new variants of the custom Pterodo backdoor. Russia-linked Gamaredon APT group (a.k.a. Armageddon, Primitive Bear, and ACTINIUM) continues to target Ukraine and it is using new variants of the custom Pterodo backdoor (aka Pteranodon). The cyberespionage group is behind a recent series of spear-phishing attacks targeting Ukrainian entities and organizations related to Ukrainian […]
The Record
Natalia Tkachuk is no stranger to cyberattacks. As the head of the Information Security and Cybersecurity Service — part of the National Security and Defense Council of Ukraine — she helps coordinate and manage the government’s response to cyberthreats, which now mostly consist of a bombardment of attacks from Russian military hackers and other groups.
Bleeping Computer
Threat analysts report that the Russian state-sponsored threat group known as Gamaredon (Armageddon, Shuckworm) is still notably active in Ukrainian computer networks.
Security Affairs
Ukraine’s technical security and intelligence service warns of threat actors aiming to gain access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts. The Ukrainian CERT attributes the hacking campaign to threat actors […]
CyberScoop
Officials attributed the botnet, called Cyclops Blink, to Russia's GRU, which has a long history of high-profile cyberattacks.
The Hacker News
Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram.
Security Affairs
Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon, Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” the campaign aims at […]
CyberScoop
Ukraine's CERT attributed the phishing effort to a Russian state-backed group known as Armageddon or Gamaredon.
The Hacker News
U.S. government once again cautioned of potential cyber attacks from Russia in retaliation for economic sanctions imposed by the west on the country.
Security Affairs
Ukraine CERT (CERT-UA) warns of spear-phishing attacks conducted by UAC-0035 group (aka InvisiMole) on state organizations of Ukraine. The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. The messages use an archive named “501_25_103.zip”, which contains a shortcut file. Upon opening […]
ZDNet
InvisiMole has been collaborating with the Gamaredon APT for years.
Security Affairs
While Russia is invading Ukraine, multiple forces are joining in the conflict, especially in cyberspace; let’s analyze them. The analysis of the current scenario in cyberspace is not easy due to the presence of multiple threat actors and the difficulty of attributing the attacks. Security group CyberKnow shared an interesting analysis about the […]
Trend Micro
Alongside the physical conflict happening between Russia and Ukraine, there have also been an increasing number of alleged cyberattacks perpetrated by different groups. Our research teams have verified and validated internal data and external reports to provide accurate information that can be used to strengthen defenses against these attacks. We will continuously update this blog with validated threats as more events unfold.
Security Affairs
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of Russia – Ukraine cyber dispute February 27 – Ukraine: Volunteer IT Army is going to hit tens of Russian targets from this list Ukraine is recruiting a volunteer IT army […]
SecurityWeek
The big difference between the Russia of the USSR and the Russia of today has been the emergence of cyber as an accepted theater of war. It is this role of cyber that SecurityWeek discussed with Marcus Willett.
Bleeping Computer
Today, the White House has linked the recent DDoS attacks that knocked down the sites of Ukrainian banks and defense agencies to Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).
CyberSecurity Dive
The alarms come amid DDoS attacks against targets in Ukraine.
Bleeping Computer
The Ministry of Defense and the Armed Forces of Ukraine and two of the country's state-owned banks, Privatbank and Oschadbank (Ukraine's State Savings Bank), are being hammered by Distributed Denial-of-Service (DDoS) attacks.
Bleeping Computer
The Ministry of Defense and the Armed Forces of Ukraine and two of the country's state-owned banks, Privatbank (Ukraine's largest bank) and Oschadbank (the State Savings Bank), are being hammered by Distributed Denial-of-Service (DDoS) attacks.
Security Affairs
The Security Service of Ukraine (SSU) said the country is the target of an ongoing “wave of hybrid warfare.” The Security Service of Ukraine (SSU) today revealed the country is the target of an ongoing “wave of hybrid warfare” conducted by Russia-linked malicious actors. Threat actors aim at destabilizing the social context in the country […]
Bleeping Computer
The Security Service of Ukraine (SSU) today said the country is the target of an ongoing "wave of hybrid warfare," aiming to instill anxiety and undermine Ukrainian society's confidence in the state's ability to defend its citizens.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of […]
DarkReading
Actinium/Gamaredon's attacks are another reminder of why organizations need to pay additional scrutiny to systems in the region.
The Hacker News
Microsoft shared more details on tactics and techniques that Russia-based Gamaredon hacking group used to facilitate cyberespionage attacks.
Bleeping Computer
Microsoft said today that a Russian hacking group known as Gamaredon has been behind a streak of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since October 2021.
ZDNet
The hacking group's latest activities come at a time when tension is boiling between Russia and Ukraine.
Bleeping Computer
The Russia-linked hackers known as 'Gamaredon' (aka Armageddon or Shuckworm) were spotted deploying eight custom binaries in cyber-espionage operations against Ukrainian entities.
The Record
State-sponsored hacking groups, also known as advanced persistent threats (APTs), have adopted this year a new attack technique called RTF Template Injection, which has brought a new twist and made their attacks harder to detect and stop.