russian (9)

The head of the US National Security Agency (NSA) and Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed from the infrastructure, according to a research report released by Cisco Talos this week.

The newly discovered backdoor, which the researchers call "TinyTurla," has been deployed against targets in the U.S. and Germany over the last two years. More recently, however, Turla has used

An emerging information-stealing malware, sold and distributed on underground Russian forums and written in Rust, is signaling a new trend where threat actors are increasingly adopting exotic programming languages to bypass security protections, evade analysis, and hamper reverse engineering efforts.  Rust is a multi-paradigm, high-level, general-purpose programming language designed for performance and safety, especially safe concurrency.  Rust is syntactically similar to C++ b

The current US administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we will do it for you.  The White House says that is the imperative being stressed in ongoing talks between high-level officials in the US and Russian national security teams following the mid-June summit in Geneva between the US President and the Russian President.

Experts say disrupting ransomware will take more than diplomacy, and needed cybersec

The infamous cybercrime organization known as Evil Corp may be running cyberespionage operations on behalf of a Russian intelligence agency, security consulting company Truesec reports.  Active since at least 2009 and also referred to as TA505, the hacking group is known for the use of the Dridex banking Trojan, but also for ransomware families such as Locky, Bart, Jaff, and BitPaymer, along with the more recent WastedLocker and Hades.

Evil Corp is allegedly run by Russian nationals Maksim Yakub

Critical infrastructure in any country relies on energy sources and transmission for proper and safe national operations.  A direct cyber shot was delivered to the US oil and gas industry by a Russian criminal group known as DarkSide.  DarkSide was identified in the ransomware attack that shut down the US-Georgia-based Colonial Pipeline, which immediately created fuel shortages for cars, trucks, and the airline industry.  The ransom of $5 million USD was eventually paid to get the pipeline back i

The past few months have seen a new ransomware variant emerge that is being distributed by the TrickBot malware. The appearance of this new ransomware, named Conti, corresponded with an observed decrease in Ryuk deployments. This suggested that Conti is the “successor” of Ryuk. Some media outlets have also reported that Conti was an evolved version of Ryuk, suggesting that it has evolved from the RYUK source code. While this may have been true for very early samples, a Red Sky analysis of recent

Throughout the USA, State and County election computer networks are still vulnerable to cyber-attacks and Election Day is only 29 days away.  In a little-noticed episode in 2016, an unusual number of voters in Riverside, California, complained that they were turned away at the polls during the primary because their voter registration information had been changed.

The Riverside County district attorney, Mike Hestrin, investigated and determined that the voter records of dozens of people had been tampe

Cyber threat researchers have examined security incidents over the past several years that appear to connect North Korea's Lazarus Group with Russian-speaking attackers.  A recent analysis has examined reports from years of security incidents to pinpoint links between Lazarus Group, historically tied to North Korea, and Russian-speaking cybercriminals.

In a summary of his findings, Mark Arena, CEO of security firm Intel 471, holds two generally accepted assumptions: that Lazarus Group is tied to