New Azov data wiper tries to frame researchers and BleepingComputer

A new and destructive ‘Azov Ransomware’ data wiper is being heavily distributed through pirated software, key generators, and adware bundles, trying to frame well-known security researchers by claiming they are behind the attack. The Azov Ransomware falsely claims to have Read More …

Feds accuse Ukrainian of renting out PC-raiding Raccoon malware to fiends

Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday. Sokolovsky, said to have used the online names Photix, Raccoon Stealer, and Read More …

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. MSTIC researchers observed this new ransomware, which Read More …

Initial access broker repurposing techniques in targeted attacks against Ukraine

As the war in Ukraine continues, TAG is tracking an increasing number of financially motivated threat actors targeting Ukraine whose activities seem closely aligned with Russian government-backed attackers. This post provides details on five different campaigns conducted from April to Read More …

Ukrainian hackers attacked the Mir payment system

Hackers staged a powerful and large-scale DDoS attack on the national payment system “Mir” against the backdrop of news about the possible refusal of a number of countries to work with it. How informs “Kommersant”, the goal is to overload Read More …

Russian Sandworm hackers pose as Ukrainian telcos to drop malware

The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. Sandworm is a state-backed threat actor attributed by the US government as part of the Russian GRU foreign military Read More …

Gamaredon APT targets Ukrainian government agencies in new campaign

Cisco Talos discovered Gamaredon APT activity targeting users in Ukraine with malicious LNK files distributed in RAR archives. The campaign, part of an ongoing espionage operation observed as recently as August 2022, aims to deliver information-stealing malware to Ukrainian victim Read More …

Russia’s Sovereign Internet Creates Security Risks With Implications for Cyber (Re)Insurance While War in Ukraine Develops

A sovereign Russian internet could lead to cyber criminal safe havens, greater confidence that large-scale attacks can be carried out without consequences, and intelligence blindspots, according to a new report published today by cyber risk analytics expert CyberCube. The research Read More …

Bots manipulate public opinion in Russia-Ukraine conflict

Researchers from the University of Adelaide have found bots have had a major online presence during the war between Russia and Ukraine. The researchers analysed 5,203,764 tweets, retweets, quote tweets and replies posted to Twitter between 23 February 2022, and Read More …

NATO investigates hacker sale of missile firm data

Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online. The data includes blueprints of weapons being used by Nato allies in the Ukraine war. Criminal hackers are selling the Read More …