RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chai…

Faraway Russian hackers breached US organization via Wi-Fi

Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s e…

Russian hackers deliver malicious RDP configuration files to thousands

Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protoco…

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed

The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ransomware-…

Exposed: Russian military Unit 29155 does digital sabotage, espionage

The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem responsible for the…

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites

Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and Jul…

How AI-powered software spreads Russian disinformation on X

The US Justice Department (DoJ) has seized two US-based domains used by Russian threat actors to create fake profiles on X (formerly Twitter) that would spread disinformation in the United States and abroad. This bot farm was created and operated via M…

US offers $10 million for information on indicted WhisperGate malware suspect

A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The U.S. Department of State’s Rewa…

APT29 hit German political parties with bogus invites and malware

APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to malware The attack started in late February 2024, with phishing emails containing…

Why cyber war readiness is critical for democracies

Once the war in Ukraine ends, Russia’s offensive cyber capabilities will be directed towards other targets, Rik Ferguson, VP Security Intelligence for Forescout, predicted at IRISSCON on Thursday. Rik Ferguson on stage at IRISSCON 2023 The skills…