Cyber threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited Cross-Site Scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. According to investigators, these entities are primarily located in Georgia, Poland, and Ukraine and attributed the intrusion set to a threat actor known as Winter Vivern, also known as TA473 and UAC0114. The cybersecurity firm tracks the hacki
poland (4)
Several Polish media and news websites were hit by distributed denial-of-service (DDoS) attacks that the government said could be the action of Russian hacking groups, the digitalization minister was quoted as saying on 18 May. Warsaw has positioned itself as one of Ukraine's staunchest allies since Russia invaded the country, and Poland says it frequently faces Russian attempts to destabilize the situation in the country. Moscow has consistently denied that it carries out hacking operations.
Activity Summary - Week Ending 25 June 2021:
- Red Sky Alliance observed 105 unique email accounts compromised with Keyloggers
- Analysts identified 37,719 connections from new unique IP Addresses
- 2,489 new IP addresses participating in various botnets were Observed
- Darkside Affiliate Group
- Telegrams APIs being Used
- Poland’s Government allegedly hit by Russian Hackers
- White Hats to the Rescue
- Carnival Cruise Line hit, AGAIN
- Korea Atomic Energy Research Institute
- Hong Kong’s Apple Daily pivoting to
An ongoing disinformation campaign called "Ghostwriter," which leverages compromised social media accounts is targeting several NATO member countries in Europe. Ghostwriter is attempting to undermine confidence in the defensive organization as well as spread discord in Eastern Europe. Researchers who uncovered the campaign in July 2020, have now documented an additional 20 incidents related to the cyber operation, including at least one earlier in 2021.
The Ghostwriter campaign is primarily a
