The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. While X owner Elon Musk did not specifically state that DDoS attacks were behind the outages, he did confirm that it was caused by a "massive cyberattack." "There was (still is) a massive cyberattack against X," Musk posted on X. "We get attacked every day, but this was done with a lot of resources. Either a large, coordi
ukraine (66)
When Russia launched its full-scale invasion of Ukraine in February 2022, it also ushered in a new era of warfare, one where cyberattacks were no longer a supporting act but a core component of battlefield operations. This was the world’s first full-scale cyberwar, where digital operations were synchronized with kinetic strikes to disrupt, disable, and disorient the enemy. For three years, Ukraine has defended itself not only on the battlefield but also in cyberspace, repelling relentless Russ
A Russian hacking campaign has exploited a vulnerability in a popular file archiver to infect Ukrainian government and private organizations with SmokeLoader malware, researchers have found.
The bug, tracked as CVE-2025-0411, was discovered in 7-Zip, a free and open-source file archiver developed by Russian programmer Igor Pavlov. It was identified by researchers at Tokyo-based cybersecurity firm Trend Micro in September and patched two months later, giving hackers ample time to exploit it in t
The Ukrainian security service (SBU) has uncovered a new suspected espionage campaign by Russian intelligence services involving the recruitment of Ukrainian teenagers for criminal activities disguised as "quest games." During an operation in the northeastern city of Kharkiv, local law enforcement arrested two groups of alleged Russian Federal Security Service (FSB) agents, all of whom were 15- and 16-years-old.
The teenagers were allegedly tasked with carrying out espionage, directing missile
South Korea claims pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea’s government blames pro-Russia threat actors for an intensification of cyberattacks on national sites after it chose to monitor North Korean soldiers in Ukraine. South Korea reports that over 10,000 North Korean troops are now deployed in Russia, including in the frontline Kursk region, to support the war in Ukraine. This development, confirmed b
Ukraine is accusing Google of exposing the locations of its military sites in recent updates to its online mapping service. Andrii Kovalenko, the head of the counter-disinformation department at Ukraine's National Security and Defense Council, said the images were spotted last week and have already been “actively distributed” by Russians. He did not provide further details about what was specifically revealed or how Moscow could use the obtained data.
Kovalenko said Google hasn’t yet fixed the
The Ukrainian Computer Emergency Response Team has issued a new security warning after discovering a cyber-attack campaign carried out by the APT28 threat group, also known as Fancy Bear. This group is thought, with a high degree of confidence, to be affiliated with Russian military intelligence operations. Here’s what we know so far and what you need to watch out for if you think you might be at risk of being targeted.
The APT28 Fancy Bear Cyber Attack Campaign Warning From CERT-UA - The Ukr
The US Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020. GRU Unit 29155 cyber actors began deploying the destructi
Russia's Kursk region was hit by a “massive” distributed denial-of-service (DDoS) attack on 15 August amid Ukraine’s surprise cross-border incursion, Kursk state officials said in a statement. The unnamed hackers targeted government and business websites, as well as critical infrastructure services, making some of them temporarily unavailable, state media reported.
Data shared by Internet monitoring service NetBlocks shows “sporadic disruptions to internet connectivity in and around Kursk,” lik
RU President Vladimir recently offered to end the war in Ukraine if Kyiv agreed to drop its NATO membership ambitions and concede the four provinces of its territory that are claimed and occupied by Russian troops. The democratically elected Ukraine government swiftly rejected these terms. However, the Russian offer suggests that they do not see a near-term military victory in the disputed territory, which could be the motive behind the evolution of its cyberwar tactics in the overall military
Researchers have discovered a new malware variant likely used in an attack this January against an energy company in western Ukraine that left 600 households without heat amid freezing temperatures. The tool, called FrostyGoop, is one of only a few malware strains ever discovered in the wild that can interact directly with industrial control systems and have a physical effect on the hardware used by targeted enterprises, according to researchers at industrial cybersecurity firm Dragos, which di
The United Nations' telecommunication agency condemned Russian interference in the satellite systems of several European countries. Earlier this month, the UN’s International Telecommunication Union (ITU) received a series of complaints from Ukraine, France, Sweden, the Netherlands and Luxembourg about the Kremlin’s alleged satellite interference that has affected GPS signals and television channels. The ITU reviewed these complaints and published a document Monday calling the practice “extrem
FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. The attacker uses a multi-stage malware strategy to deliver the notorious "Cobalt Strike" payload and establish communication with a command and control (C2) server. This attack employs various evasion techniques to ensure successful payload delivery.
Over the past few years, Ukraine has been a significant target due to its geopolitical situation
The targeted operation utilized CVE-2017-8570 as the initial vector and employed a notable custom loader for Cobalt Strike, yet attribution to any known threat actor remains elusive. An unknown threat actor targeted government entities in Ukraine toward the end of 2023 using an old Microsoft Office remote code execution (RCE) exploit from 2017 (CVE-2017-8570) as the initial vector and military vehicles as the lure.
The threat actor initiated the attack using a malicious PowerPoint file (.PPSX)
On 16 March 2024, Sentinel Labs identified a suspicious Linux binary uploaded from Ukraine. Initial analysis showed surface similarities with the infamous AcidRain wiper used to disable KA-SAT modems across Europe at the start of the Russian invasion of Ukraine (commonly identified by the ‘Viasat hack’ misnomer). Since our initial finding, no similar samples or variants have been detected or publicly reported until now. This new sample is a confirmed variant called ‘AcidPour’, a wiper with si
Russia has been accused of attempting to inflame divisions in Germany by publishing an intercepted conversation in which Bundeswehr officials discuss the country’s support for Ukraine, particularly around the supply of Taurus cruise missiles.
The 38-minute conversation, which took place on 19 February 2024, was first published on social media platform Telegram by Margarita Simonyan, the editor-in-chief of RT and a sanctioned propagandist, who said the recording had been provided to her by “comra
SentinelLabs and ClearSky Cyber Security have been tracking a propaganda and disinformation campaign since late November 2023, highly likely orchestrated by Doppelgänger, a suspected Russia-aligned influence operation network known for its persistent and aggressive tactics. Initially focusing on disseminating anti-Ukraine content following the onset of the Russo-Ukrainian conflict, Doppelgänger has since broadened its scope, targeting audiences in the US, Israel, Germany, and France.
Analysts o
Cyber threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited Cross-Site Scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. According to investigators, these entities are primarily located in Georgia, Poland, and Ukraine and attributed the intrusion set to a threat actor known as Winter Vivern, also known as TA473 and UAC0114. The cybersecurity firm tracks the hacki
An official at the Bangladesh Election Commission has claimed that a cyber-attack “from Ukraine and Germany” caused an election information app to crash as voters went to the polls on 8 January. There has not been an allegation that the incident affected votes in the country, where incumbent Prime Minister Sheikh Hasina secured her fourth straight term in office after a record low turnout, as reported by BBC News.
Hasina, who has held power since 2009, is currently the longest-serving female he
The mass outage of Ukrainian mobile and internet provider Kyivstar on December 12 last year has now been attributed to the Russian state-sponsored Sandworm group by Ukraine’s Security Service (SBU). The attack resulted in a total outage of the networks provided by Kyivstar, which included several early-warning attack systems and caused a surge in traffic on other network providers in Ukraine as people sought alternative means of connectivity. It has now been determined that the group were ling
