Researchers from Microsoft reported on 25 January 2024 that the Russian state-sponsored threat actors responsible for a cyberattack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise (HPE) revealed that it had been the victim of an attack perpetrated by a hacking crew tracked as APT29, which is also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzar
russia (152)
The Fidelity National Financial (FNF) cyber-attack leaked the personal data of 1.3 million customers, the company has disclosed in a new filing with the Securities and Exchange Commission. FNF is one of the largest title insurance and transaction services providers in the United States, with a market capitalization of $13.3 billion, an annual revenue of over $10 billion, and a workforce of about 23,000 people.[1]
The November 2023 cyber-attack disrupted the company’s operations for nearly a wee
The mass outage of Ukrainian mobile and internet provider Kyivstar on December 12 last year has now been attributed to the Russian state-sponsored Sandworm group by Ukraine’s Security Service (SBU). The attack resulted in a total outage of the networks provided by Kyivstar, which included several early-warning attack systems and caused a surge in traffic on other network providers in Ukraine as people sought alternative means of connectivity. It has now been determined that the group were ling
Hacktivist group Killnet rose to prominence in 2022. After the launch of SVO, it openly sided with Russia. It carried out high-profile DDoS attacks against significant targets such as the US Federal Tax Service, the European Union’s banking systems SWIFT and IBAN, and the American arms company Lockheed Martin, et al. At the same time, little was known for a long time about the identity of its leader, hacker Killmilk. In the public sphere, he formed the image of a great patriot of the Russian Feder
Researchers have tracked more activity by an influence campaign linked to Russia that spreads disinformation and propaganda in the US, Germany and Ukraine through a vast network of social media accounts and fake websites.
The campaign, attributed to the Russia-linked influence operation network called Doppelgänger, has been active since at least May 2022. The US tech company Meta previously referred to Doppelgänger as the “largest” and “most aggressively persistent” malign network sponsored by
The UK’s Sellafield nuclear facility has denied reports that its IT networks have been attacked by cyber groups linked to Russia and China. The Guardian said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for “several years.”
The year-long investigation, named ‘Nuclear Leaks,’ said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.
“We’re open for everyone,” announces a brightly colored sign welcoming visitors to the British Library. But inside the airy building beside London’s St Pancras Station, not everyone can get what they want. Not since the library was struck by cyber criminals at the end of last month. The ransomware attack, carried out by a group known for such activity, has knocked out the website of the UK’s national library. It has also taken down the WiFi, upon which the crowds who come here to work rely.
Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News. Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, hacked into Alfa-Bank and claimed to obtain the data of more than 30 million customers, including their names, dates of birth, account numbers, and phone numbers, according to a post on their official website.
Alfa-Bank was sanctioned by the United S
Colonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats last Friday; yes Friday the 13th. The company, which runs the largest pipeline system for refined oil products in the US, addressed claims made by the Ransomed.vc gang that data had been stolen from their systems.
“Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party. After wor
Articles on cyber warfare have consistently seen cyberattacks as a first-strike weapon for attacking countries before or at least at the onset of a moving conflict. The speed with which these attacks occur and the difficulty in allowing for sufficient indications and warning for defenders to mitigate their intensity and volume successfully have bolstered cyberattacks as a legitimate capability for degradation, disruption, and destruction. Cyberattacks in a moving conflict are synonymous with a
The US intelligence community is warning the domestic space industry of the growing risk of espionage and satellite attacks from China, Russia, and other adversaries. In coordination with the FBI, the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations, the Office of the Director of National Intelligence released a warning about the growing threat of foreign intelligence entities (FIEs) as they continue to launch cyberattacks to gain acces
North Korean threat actors have caught Sentinel Lab's attention over the past year, providing us with fruitful insight into a variety of campaigns, such as new reconnaissance tools, (multiple) new supply chain intrusions, elusive multi-platform targeting, and new sly social engineering tactics. To add to that list, analysts looked at an intrusion into what might be considered a highly desirable strategic espionage mission, supporting North Korea’s contentious missile program.[1]
The Target Orga
BRICS leaders are meeting in South Africa on 22 August 2023 to discuss how to turn a loose cabal of nations, accounting for a quarter of the global economy, into a geopolitical force that can challenge the West's dominance in World affairs. Russian President Putin, who faces an international arrest warrant over alleged war crimes in Ukraine, will not join leaders from Brazil, India, China and South Africa amid rifts over whether to expand the bloc to include dozens of "Global South" nations que
Microsoft reported on 02 August 2023 that they caught a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations. According to a research report from their Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR) and has been caught targeting government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, a
The head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group (Brazil, India, China, and South Africa) to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.
See: https://redskyalliance.org/xindustry/the-brics
Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th
Submarine cables, the backbone network of the global economy and telecommunications, are operating in an increasingly risky environment and are prone to geopolitical, physical, and cyber threats, including nation-state sabotage and spying. Fiber-optic submarine cables on the ocean floor transmit an estimated 99% of all intercontinental internet traffic and communications, including roughly $10 trillion of financial transactions daily and sensitive government and military communication, making t
The US Department of Energy and several other federal agencies were compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments. Still, the impact was not expected to be great, Homeland Security officials said on 15 June 2023. But for others, among what could be hundreds of victims from industry to higher education, including patrons of at least two state motor vehicle agencies, the hack was beginning to show some serious impa
Free speech and digital privacy appear to be key components left out of a United Nations (UN) Cybercrime Treaty being proposed, primarily by Russia. To say the cybersecurity community is skeptical would be an understatement. "The UN Cybercrime Treaty, to the extent it gets adopted, is expected to define global norms for lawful surveillance and legal processes available to investigate and prosecute cybercriminals," reports The Register in a special report. "And what has emerged so far contempl
Note: this Recorded Future Ransomware Tracker is updated on the second Sunday of each month to stay current. The number of victims posted on ransomware extortion sites increased in May, with ransomware gangs publicly claiming more than 400 attacks in a month for the second time this year.
The uptick was fueled in large part by the Russia-linked LockBit ransomware group, which posted 74 victims to its extortion site in May. The group has become far and away the most active ransomware gang, wit
"There's a sucker born every minute" is a phrase closely associated with PT Barnum, an American showman of the mid-19th century, although there is no evidence that he said it. Early examples of its use are among gamblers and confidence tricksters of the era. A previously undetected cryptocurrency scam has leveraged over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021.
This massive campaign has likely resulted in thousands of people being scamm