Feds warn about foreign government-connected hackers aiming to disrupt vital industrial systems

Dragos says the group behind the tools has a “breadth of knowledge” that’s “beyond” any previously witnessed.

The post Feds warn about foreign government-connected hackers aiming to disrupt vital industrial systems appeared first on CyberScoop.

Continue reading Feds warn about foreign government-connected hackers aiming to disrupt vital industrial systems

Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried to shut down electrical substations run by an energy provider in Ukraine. Ac… Continue reading Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say

Russian losses near Kyiv and a looming onslaught in eastern Ukraine may be a factor in the attack, a Ukrainian official said.

The post Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say appeared first on CyberScoop.

Continue reading Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say

New cyberespionage campaign targeting ISPs, research entities

ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits the war in Ukraine and other European news topics. Known victims include rese… Continue reading New cyberespionage campaign targeting ISPs, research entities

Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates

Ukraine’s Victor Zhora said the so-called IT Army has done “useful” things, and he offered information about the “CaddyWiper” incident.

The post Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates appeared first on CyberScoop.

Continue reading Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates

Financially motivated threat actors willing to go after Russian targets

As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides and some of them are expressing their willingness to target Russian targets. Malware hitting Ukranian targets Whispe… Continue reading Financially motivated threat actors willing to go after Russian targets

Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink

This Thursday morning, Russia started its invasion on Ukraine and, As predicted, the attacks in the physical world have been preceded and accompanied by cyber attacks: Renewed DDoS attacks have been launched against websites Ukrainian government agenci… Continue reading Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink

Another round of ‘wiper’ malware appears in Ukrainian networks

Security researchers detected new destructive malware spreading in Ukraine on Wednesday, following evidence of distributed denial-of-service disruptions for government agencies — both of which overlapped with the beginnings of a Russian invasion. ESET said the data-wiping malware was “installed on hundreds of machines in the country,” and there were signs that the attackers had been preparing for almost two months. Silas Cutler, principle reverse engineer and resident hacker at Stairwell, said that the wiper damages a system’s master boot record, which tells a machine how to start up. That’s similar to malware known as WhisperGate that was used in an attack in January in Ukraine. Symantec, too, observed the wiper in action, and confirmed to CyberScoop that it has seen it in Latvia as well. Juan-Andres Guerrero-Saade, principal threat researcher at SentinelOne, said the wiper appeared to be more dangerous than the malware uncovered in January. None of the researchers […]

The post Another round of ‘wiper’ malware appears in Ukrainian networks appeared first on CyberScoop.

Continue reading Another round of ‘wiper’ malware appears in Ukrainian networks

End of 2021 witnessed an explosion of RDP brute-force attacks

RDP brute-force attacks continue to be one of the most used attack vectors for breaching enterprise networks, ESET’s latest Threat Report has revealed. RDP brute-force attacks escalated throughout all of 2020 and 2021, and the last four months of… Continue reading End of 2021 witnessed an explosion of RDP brute-force attacks

DazzleSpy: macOS backdoor delivered through watering hole attacks

In late 2021, a never before seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites (for example, that of local radio station D100) by exploiting vulnerabilities in Webkit, the browser engine powering… Continue reading DazzleSpy: macOS backdoor delivered through watering hole attacks