X-Industry

Ukraine is accusing Google of exposing the locations of its military sites in recent updates to its online mapping service.  Andrii Kovalenko, the head of the counter-disinformation department at Ukraine's National Security and Defense Council, said the images were spotted last week and have already been “actively distributed” by Russians.  He did not provide further details about what was specifically revealed or how Moscow could use the obtained data.

Kovalenko said Google hasn’t yet fixed the

The Ukrainian Computer Emergency Response Team has issued a new security warning after discovering a cyber-attack campaign carried out by the APT28 threat group, also known as Fancy Bear.  This group is thought, with a high degree of confidence, to be affiliated with Russian military intelligence operations.  Here’s what we know so far and what you need to watch out for if you think you might be at risk of being targeted. 

The APT28 Fancy Bear Cyber Attack Campaign Warning From CERT-UA - The Ukr

Recently, the Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world's largest and longest-running dark web market for illegal goods, drugs, and cybercrime services.  The takedown is the result of a collaborative investigation with Ireland, the United Kingdom, and the United States that began towards the end of 2022, the disclosure reported.  The marketplace discontinued its operations in late 2023 following reports of service disruptions and exit

Some television stations and websites in Russia are offline for the second day in a row following what Moscow called an “unprecedented” attack on its digital infrastructure.  The disruption began on October 7, Russian President Vladimir Putin’s birthday.  Last week, Russian state-owned broadcaster VGTRK’s website and digital streaming services went off the air.  The affected outlets included radio stations and TV channels such as Russia-1 and Russia-24.  “Our state media holding, one of the larg

Poland’s security services reported that they had broken up an alleged cyber sabotage group linked to Russia and Belarus that had attempted to “paralyze” the country through cyberattacks.  The group, whose members were not publicly identified, extorted information from Polish local government agencies and state companies related to military and security matters, Poland’s Minister of Digital Affairs, Krzysztof Gawkowski, said during a press briefing on 10 September 2024.  He referred to the group

The US Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.  GRU Unit 29155 cyber actors began deploying the destructi

The first sample of RomCom ransomware was observed in early July 2023 on a publicly available file scanning site, about the same time as the first victim posted on its data leak site on 13 July 2023. Like most ransomware, this ransomware encrypts files on victims' Windows machines and demands a ransom to decrypt them via dropped ransom notes.

Infection Vector - Online reports indicate that the Russia-based RomCom group, or Storm-0978, is deploying the Underground ransomware.  This threat group i

So maybe China and Russia are not such good friends after all.  Cyber security researchers have uncovered an apparently new Advanced Persistent Threat (APT) group targeting Russian government entities, known as CloudSorcerer.  They use a sophisticated cyber espionage tool, discovered by investigators and reported in an advisory they published in June, and is designed for covert data collection and exfiltration, using Microsoft Graph, Yandex Cloud, and Dropbox for its command and control (C2) inf

As the US National Elections are coming quickly, all US eyes are on Russia and Iran to watch for an increase of cyber-attacks, aimed at the election process.  Russia remains the top source of troll networks disrupted on Facebook and Instagram, with Iran close behind, according to a threat report by social media giant Meta.  The company’s latest quarterly review, released on Thursday, states it has disrupted 39 covert influence operations originating in Russia since 2017, followed by 30 from Iran

Russia's Kursk region was hit by a “massive” distributed denial-of-service (DDoS) attack on 15 August amid Ukraine’s surprise cross-border incursion, Kursk state officials said in a statement.  The unnamed hackers targeted government and business websites, as well as critical infrastructure services, making some of them temporarily unavailable, state media reported.

Data shared by Internet monitoring service NetBlocks shows “sporadic disruptions to internet connectivity in and around Kursk,” lik

Cyber-spies suspected of connections with China have infected "dozens" of computers belonging to Russian government agencies and IT providers with backdoors and trojans since late July, according to Kaspersky.  The Russia-based security biz claimed the malware used in the ongoing, targeted attacks, called EastWind, has links to two China-nexus groups tracked as APT27 and APT31. 

After gaining initial access to their victims' devices via phishing emails, the attackers used various cloud services

Researchers have discovered a new malware variant likely used in an attack this January against an energy company in western Ukraine that left 600 households without heat amid freezing temperatures.  The tool, called FrostyGoop, is one of only a few malware strains ever discovered in the wild that can interact directly with industrial control systems and have a physical effect on the hardware used by targeted enterprises, according to researchers at industrial cybersecurity firm Dragos, which di

In 2019, the Space Force became the nation’s first new military branch in nearly 80 years.   Now, the US Congress is already thinking about starting another one, a cyber force.  For years, there's been talk of creating a military branch that concentrates on the cyber domain, driven by the increasing threat posed by geopolitical rivals like China and by organizational and staffing problems with the existing US military cyber operations.  Now, members of the House of Representatives and Senate hav

The United Nations' telecommunication agency condemned Russian interference in the satellite systems of several European countries.  Earlier this month, the UN’s International Telecommunication Union (ITU) received a series of complaints from Ukraine, France, Sweden, the Netherlands and Luxembourg about the Kremlin’s alleged satellite interference that has affected GPS signals and television channels.  The ITU reviewed these complaints and published a document Monday calling the practice “extrem

More than 1,000 planned operations and over 3,000 outpatient appointments have been postponed amid ongoing disruption caused by a cyber-attack that impacted London hospitals.  Synnovis, an agency which manages labs for NHS trusts and GPs in south-east London, was the victim of a data hack on 3 June.[1]

New figures from NHS England show that since then, 3,396 appointments and 1,255 elective procedures have been postponed.  In a statement, the chief executives of two affected trusts said they were

The notorious Russia-based ransomware gang Lockbit 3.0 has claimed responsibility for a cyber-attack on the US Federal Reserve.  The attack, which was announced on 23 June via a post on a site associated with the ransomware gang, allegedly saw the gang infiltrate the systems of the US Federal Reserve and exfiltrate 33 TB of sensitive banking information.

In the post, which was entitled 'federalreserve.gov', the gang explained how the Federal Reserve is structured, and its role in distributing mo

As the 2024 Paris Summer Olympics approach, a sophisticated Russian disinformation campaign is in high gear to sow confusion, undermine the Games, and dissuade spectators from attending.  This is according to a new report from the Microsoft Threat Analysis Center (MTAC) that outlines extensive malign influence efforts emanating from Russia-aligned actors.  "In just under three months, after traversing more than 3,000 miles across 450 French towns, the Olympic flame will be lit at the Opening Cer

LockbitSupp, the pseudonymous leader of the LockBit ransomware group, was identified as a Russian national called Dmitry Khoroshev on 7 May as the United States, United Kingdom and Australia imposed financial sanctions against him.

A 26-count indictment has been unsealed in the US charging Khoroshev, with developing and operating the LockBit ransomware service.  He is accused of growing LockBit “into a massive criminal organization that has, at times, ranked as the most prolific and destructive

Russia, on 24 April 2024, vetoed a UN resolution sponsored by the United States and Japan calling on all nations to prevent a dangerous nuclear arms race in outer space, calling it “a dirty spectacle” that cherry-picks weapons of mass destruction from all other weapons that should also be banned.  The vote in the 15-member Security Council was 13 in favor, Russia opposed it, and China abstained.  The resolution would have called on all countries not to develop or deploy nuclear arms or other wea

A hack that caused a small Texas town’s water system to overflow in January has been linked to a shadowy Russian hacktivist group, the latest case of a US public utility becoming a target of foreign cyberattacks.  The attack was one of three on small towns in the rural Texas Panhandle. Local officials said the public was not put in any danger and the attempts were reported to federal authorities.  “There were 37,000 attempts in four days to log into our firewall,” said Mike Cypert, City Manager