X-Industry

Russia has been accused of attempting to inflame divisions in Germany by publishing an intercepted conversation in which Bundeswehr officials discuss the country’s support for Ukraine, particularly around the supply of Taurus cruise missiles.

The 38-minute conversation, which took place on 19 February 2024, was first published on social media platform Telegram by Margarita Simonyan, the editor-in-chief of RT and a sanctioned propagandist, who said the recording had been provided to her by “comra

SentinelLabs and ClearSky Cyber Security have been tracking a propaganda and disinformation campaign since late November 2023, highly likely orchestrated by Doppelgänger, a suspected Russia-aligned influence operation network known for its persistent and aggressive tactics.  Initially focusing on disseminating anti-Ukraine content following the onset of the Russo-Ukrainian conflict, Doppelgänger has since broadened its scope, targeting audiences in the US, Israel, Germany, and France.

Analysts o

It is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations.  Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations.  New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes.  After identifying them, OpenAI shuttered all their accounts

Cyber threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited Cross-Site Scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations.   According to investigators, these entities are primarily located in Georgia, Poland, and Ukraine and attributed the intrusion set to a threat actor known as Winter Vivern, also known as TA473 and UAC0114.  The cybersecurity firm tracks the hacki

An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns.  While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group's ‘.onion’ website displays a seizure banner containing the message "The site is now under the control of law enforcement." Authorities from 11 countries, Australia, Canada, Finl

Cybersecurity experts are warning that hospitals around the country are at risk for attacks like the one that is crippling operations at a premier Midwestern children’s hospital and that the US government is doing too little to prevent such breaches.  Hospitals in recent years have shifted their use of online technology to support everything from telehealth to medical devices to patient records.  Today, they are a favorite target for internet thieves who hold systems’ data and networks hostage f

Researchers from Microsoft reported on 25 January 2024 that the Russian state-sponsored threat actors responsible for a cyberattack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them.  The development comes a day after Hewlett Packard Enterprise (HPE) revealed that it had been the victim of an attack perpetrated by a hacking crew tracked as APT29, which is also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzar

The Fidelity National Financial (FNF) cyber-attack leaked the personal data of 1.3 million customers, the company has disclosed in a new filing with the Securities and Exchange Commission.  FNF is one of the largest title insurance and transaction services providers in the United States, with a market capitalization of $13.3 billion, an annual revenue of over $10 billion, and a workforce of about 23,000 people.[1]

The November 2023 cyber-attack disrupted the company’s operations for nearly a wee

The mass outage of Ukrainian mobile and internet provider Kyivstar on December 12 last year has now been attributed to the Russian state-sponsored Sandworm group by Ukraine’s Security Service (SBU).  The attack resulted in a total outage of the networks provided by Kyivstar, which included several early-warning attack systems and caused a surge in traffic on other network providers in Ukraine as people sought alternative means of connectivity.  It has now been determined that the group were ling

Hacktivist group Killnet rose to prominence in 2022.  After the launch of SVO, it openly sided with Russia. It carried out high-profile DDoS attacks against significant targets such as the US Federal Tax Service, the European Union’s banking systems SWIFT, and the American arms company Lockheed IBAN. Martin et al.  At the same time, little was known for a long time about the identity of its leader, hacker Killmilk. In the public sphere, he formed the image of a great patriot of the Russian Feder

Researchers have tracked more activity by an influence campaign linked to Russia that spreads disinformation and propaganda in the US, Germany and Ukraine through a vast network of social media accounts and fake websites.

The campaign, attributed to the Russia-linked influence operation network called Doppelgänger, has been active since at least May 2022.  The US tech company Meta previously referred to Doppelgänger as the “largest” and “most aggressively persistent” malign network sponsored by

The UK’s Sellafield nuclear facility has denied reports that its IT networks have been attacked by cyber groups linked to Russia and China.  The Guardian said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for “several years.”

The year-long investigation, named ‘Nuclear Leaks,’ said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.

“We’re open for everyone,” announces a brightly colored sign welcoming visitors to the British Library.  But inside the airy building beside London’s St Pancras Station, not everyone can get what they want.  Not since the library was struck by cyber criminals at the end of last month.  The ransomware attack, carried out by a group known for such activity, has knocked out the website of the UK’s national library.  It has also taken down the WiFi, upon which the crowds who come here to work rely. 

Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News.  Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, hacked into Alfa-Bank and claimed to obtain the data of more than 30 million customers, including their names, dates of birth, account numbers, and phone numbers, according to a post on their official website.

Alfa-Bank was sanctioned by the United S

Colonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats last Friday; yes Friday the 13^th.  The company, which runs the largest pipeline system for refined oil products in the US, addressed claims made by the Ransomed.vc gang that data had been stolen from their systems.

“Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party.  After wor

Articles on cyber warfare have consistently seen cyberattacks as a first-strike weapon for attacking countries before or at least at the onset of a moving conflict.  The speed with which these attacks occur and the difficulty in allowing for sufficient indications and warning for defenders to mitigate their intensity and volume successfully have bolstered cyberattacks as a legitimate capability for degradation, disruption, and destruction.  Cyberattacks in a moving conflict are synonymous with a

The US intelligence community is warning the domestic space industry of the growing risk of espionage and satellite attacks from China, Russia, and other adversaries.  In coordination with the FBI, the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations, the Office of the Director of National Intelligence released a warning about the growing threat of foreign intelligence entities (FIEs) as they continue to launch cyberattacks to gain acces

North Korean threat actors have caught Sentinel Lab's attention over the past year, providing us with fruitful insight into a variety of campaigns, such as new reconnaissance tools, (multiple) new supply chain intrusions, elusive multi-platform targeting, and new sly social engineering tactics.  To add to that list, analysts looked at an intrusion into what might be considered a highly desirable strategic espionage mission, supporting North Korea’s contentious missile program.[1]

The Target Orga

BRICS leaders are meeting in South Africa on 22 August 2023 to discuss how to turn a loose cabal of nations, accounting for a quarter of the global economy, into a geopolitical force that can challenge the West's dominance in World affairs.  Russian President Putin, who faces an international arrest warrant over alleged war crimes in Ukraine, will not join leaders from Brazil, India, China and South Africa amid rifts over whether to expand the bloc to include dozens of "Global South" nations que

Microsoft reported on 02 August 2023 that they caught a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations.  According to a research report from their Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR) and has been caught targeting government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, a