Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried to shut down electrical substations run by an energy provider in Ukraine. Ac…

Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say

Russian losses near Kyiv and a looming onslaught in eastern Ukraine may be a factor in the attack, a Ukrainian official said.

The post Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say appeared first on CyberScoop.

New cyberespionage campaign targeting ISPs, research entities

ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits the war in Ukraine and other European news topics. Known victims include rese…

Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates

Ukraine’s Victor Zhora said the so-called IT Army has done “useful” things, and he offered information about the “CaddyWiper” incident.

The post Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates appeared first on CyberScoop.

Financially motivated threat actors willing to go after Russian targets

As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides and some of them are expressing their willingness to target Russian targets. Malware hitting Ukrainian targets Whispe…

Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink

This Thursday morning, Russia started its invasion of Ukraine and, as predicted, the attacks in the physical world have been preceded and accompanied by cyber attacks: Renewed DDoS attacks have been launched against websites of Ukrainian government agenci…

Another round of ‘wiper’ malware appears in Ukrainian networks

Security researchers detected new destructive malware spreading in Ukraine on Wednesday, following evidence of distributed denial-of-service disruptions for government agencies — both of which overlapped with the beginnings of a Russian invasion. ESET said the data-wiping malware was “installed on hundreds of machines in the country,” and there were signs that the attackers had been preparing for almost two months. Silas Cutler, principal reverse engineer and resident hacker at Stairwell, said that the wiper damages a system’s master boot record, which tells a machine how to start up. That’s similar to malware known as WhisperGate that was used in an attack in January in Ukraine. Symantec, too, observed the wiper in action, and confirmed to CyberScoop that it has seen it in Latvia as well. Juan-Andres Guerrero-Saade, principal threat researcher at SentinelOne, said the wiper appeared to be more dangerous than the malware uncovered in January. None of the researchers […]

The post Another round of ‘wiper’ malware appears in Ukrainian networks appeared first on CyberScoop.

End of 2021 witnessed an explosion of RDP brute-force attacks

RDP brute-force attacks continue to be one of the most used attack vectors for breaching enterprise networks, ESET’s latest Threat Report has revealed. RDP brute-force attacks escalated throughout all of 2020 and 2021, and the last four months of…

DazzleSpy: macOS backdoor delivered through watering hole attacks

In late 2021, a never-before-seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites (for example, that of local radio station D100) by exploiting vulnerabilities in WebKit, the browser engine powering…

Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate

Cybersecurity researchers shed additional light over the weekend on the cyberattacks that disabled Ukrainian government websites, as Kyiv pointed to Russia as the culprit. Microsoft and ESET both shared details on the nature of the malware that took the Ukrainian sites down. Microsoft “assesses that the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” the company wrote in a blog post Saturday. However, Microsoft said it couldn’t yet attribute who was behind the malware, labeled WhisperGate. The Department of Homeland Security’s Cybersecurity and Infrastructure Agency recommended that network defenders review the Microsoft blog post, suggesting the possibility that the attacks could spread to include other targets. ESET on Sunday elaborated further, saying that the malware the attackers used contained code “commonly used by commodity e-crime malware.” “It […]

The post Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate appeared first on CyberScoop.
