russia (117)

12390151900?profile=RESIZE_400xSentinelLabs and ClearSky Cyber Security have been tracking a propaganda and disinformation campaign since late November 2023, highly likely orchestrated by Doppelgänger, a suspected Russia-aligned influence operation network known for its persistent and aggressive tactics.  Initially focusing on disseminating anti-Ukraine content following the onset of the Russo-Ukrainian conflict, Doppelgänger has since broadened its scope, targeting audiences in the US, Israel, Germany, and France.

Analysts o

12390146467?profile=RESIZE_400xIt is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations.  Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations.  New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes.  After identifying them, OpenAI shuttered all their accounts

12389946096?profile=RESIZE_400xCyber threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited Cross-Site Scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations.   According to investigators, these entities are primarily located in Georgia, Poland, and Ukraine and attributed the intrusion set to a threat actor known as Winter Vivern, also known as TA473 and UAC0114.  The cybersecurity firm tracks the hacki

12386303859?profile=RESIZE_400xAn international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns.  While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group's ‘.onion’ website displays a seizure banner containing the message "The site is now under the control of law enforcement." Authorities from 11 countries, Australia, Canada, Finl

12389945471?profile=RESIZE_400xCybersecurity experts are warning that hospitals around the country are at risk for attacks like the one that is crippling operations at a premier Midwestern children’s hospital and that the US government is doing too little to prevent such breaches.  Hospitals in recent years have shifted their use of online technology to support everything from telehealth to medical devices to patient records.  Today, they are a favorite target for internet thieves who hold systems’ data and networks hostage f

12368645483?profile=RESIZE_400xResearchers from Microsoft reported on 25 January 2024 that the Russian state-sponsored threat actors responsible for a cyberattack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them.  The development comes a day after Hewlett Packard Enterprise (HPE) revealed that it had been the victim of an attack perpetrated by a hacking crew tracked as APT29, which is also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzar

12366106682?profile=RESIZE_400xThe Fidelity National Financial (FNF) cyber-attack leaked the personal data of 1.3 million customers, the company has disclosed in a new filing with the Securities and Exchange Commission.  FNF is one of the largest title insurance and transaction services providers in the United States, with a market capitalization of $13.3 billion, an annual revenue of over $10 billion, and a workforce of about 23,000 people.[1]

The November 2023 cyber-attack disrupted the company’s operations for nearly a wee

12346580278?profile=RESIZE_400xThe mass outage of Ukrainian mobile and internet provider Kyivstar on December 12 last year has now been attributed to the Russian state-sponsored Sandworm group by Ukraine’s Security Service (SBU).  The attack resulted in a total outage of the networks provided by Kyivstar, which included several early-warning attack systems and caused a surge in traffic on other network providers in Ukraine as people sought alternative means of connectivity.  It has now been determined that the group were ling

12311324881?profile=RESIZE_400xHacktivist group Killnet rose to prominence in 2022.  After the launch of SVO, it openly sided with Russia. It carried out high-profile DDoS attacks against significant targets such as the US Federal Tax Service, the European Union’s banking systems SWIFT, and the American arms company Lockheed IBAN. Martin et al.  At the same time, little was known for a long time about the identity of its leader, hacker Killmilk. In the public sphere, he formed the image of a great patriot of the Russian Feder

12309889482?profile=RESIZE_400xResearchers have tracked more activity by an influence campaign linked to Russia that spreads disinformation and propaganda in the US, Germany and Ukraine through a vast network of social media accounts and fake websites.

The campaign, attributed to the Russia-linked influence operation network called Doppelgänger, has been active since at least May 2022.  The US tech company Meta previously referred to Doppelgänger as the “largest” and “most aggressively persistent” malign network sponsored by

12309104701?profile=RESIZE_400xThe UK’s Sellafield nuclear facility has denied reports that its IT networks have been attacked by cyber groups linked to Russia and China.  The Guardian said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for “several years.”

The year-long investigation, named ‘Nuclear Leaks,’ said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.

12296261478?profile=RESIZE_400x“We’re open for everyone,” announces a brightly colored sign welcoming visitors to the British Library.  But inside the airy building beside London’s St Pancras Station, not everyone can get what they want.  Not since the library was struck by cyber criminals at the end of last month.  The ransomware attack, carried out by a group known for such activity, has knocked out the website of the UK’s national library.  It has also taken down the WiFi, upon which the crowds who come here to work rely. 

12264247482?profile=RESIZE_400xUkrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News.  Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, hacked into Alfa-Bank and claimed to obtain the data of more than 30 million customers, including their names, dates of birth, account numbers, and phone numbers, according to a post on their official website.

Alfa-Bank was sanctioned by the United S

12258758265?profile=RESIZE_400xColonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats last Friday; yes Friday the 13th.  The company, which runs the largest pipeline system for refined oil products in the US, addressed claims made by the Ransomed.vc gang that data had been stolen from their systems.

“Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party.  After wor

12217938098?profile=RESIZE_400xArticles on cyber warfare have consistently seen cyberattacks as a first-strike weapon for attacking countries before or at least at the onset of a moving conflict.  The speed with which these attacks occur and the difficulty in allowing for sufficient indications and warning for defenders to mitigate their intensity and volume successfully have bolstered cyberattacks as a legitimate capability for degradation, disruption, and destruction.  Cyberattacks in a moving conflict are synonymous with a

12217926867?profile=RESIZE_400xThe US intelligence community is warning the domestic space industry of the growing risk of espionage and satellite attacks from China, Russia, and other adversaries.  In coordination with the FBI, the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations, the Office of the Director of National Intelligence released a warning about the growing threat of foreign intelligence entities (FIEs) as they continue to launch cyberattacks to gain acces

12214542095?profile=RESIZE_400xNorth Korean threat actors have caught Sentinel Lab's attention over the past year, providing us with fruitful insight into a variety of campaigns, such as new reconnaissance tools, (multiple) new supply chain intrusions, elusive multi-platform targeting, and new sly social engineering tactics.  To add to that list, analysts looked at an intrusion into what might be considered a highly desirable strategic espionage mission, supporting North Korea’s contentious missile program.[1]

The Target Orga

12200540686?profile=RESIZE_400xBRICS leaders are meeting in South Africa on 22 August 2023 to discuss how to turn a loose cabal of nations, accounting for a quarter of the global economy, into a geopolitical force that can challenge the West's dominance in World affairs.  Russian President Putin, who faces an international arrest warrant over alleged war crimes in Ukraine, will not join leaders from Brazil, India, China and South Africa amid rifts over whether to expand the bloc to include dozens of "Global South" nations que

12185092076?profile=RESIZE_400xMicrosoft reported on 02 August 2023 that they caught a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations.  According to a research report from their Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR) and has been caught targeting government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, a

12175704865?profile=RESIZE_400xThe head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group Brazil, India, China, and South Africa to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.

See: https://redskyalliance.org/xindustry/the-brics

Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th