Category: Cyber warfare

December 28, 2022

North Korean state-sponsored threat actors have been observed using ransomware against companies and organizations in neighboring South Korea for the first time, police have reported. According to the South China Morning Post, the South Korean National Police Agency said threat […]

December 28, 2022

Ukraine’s domestic intelligence agency revealed earlier this week that it successfully blocked more than 4,500 cyberattacks in 2022. The Security Service of Ukraine, which protects Ukraine’s information and digital security in wartime conditions, says the number of cyberattacks has tripled […]

December 23, 2022

A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that’s used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical […]

December 21, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to […]

December 20, 2022

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of […]

November 30, 2022

A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. Mandiant, which is part of Google Cloud, is tracking […]

November 17, 2022

Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), […]

November 14, 2022

The Ukrainian CERT (CERT-UA) has uncovered an attack campaign aimed at compromising Ukrainian organizations and irretrievably encrypting their files. To do that, they are leveraging a specific version of the Somnia ransomware that, “according to the attackers’ theoretical plan, does […]

November 11, 2022

Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors in Ukraine and Poland to a threat cluster that shares overlaps with the Russian state-sponsored Sandworm group. The attacks, which were disclosed by the tech […]

November 10, 2022

Also referred to as Cozy Bear, the Dukes, and Yttrium, APT29 is a Russian cyberespionage group likely sponsored by the Russian Foreign Intelligence Service (SVR). The group is believed to be responsible for multiple high-profile attacks, including the 2016 targeting […]

November 7, 2022

The U.S. Department of the Treasury (USDT) published a press release that includes the main findings of an analysis by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN). The report confirms that the system supporting electronic filings of Bank Secrecy […]

November 4, 2022

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. “This group abuses Google advertisements for the purpose of malvertising to distribute backdoored […]

November 3, 2022

A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022. According to Singapore-headquartered […]

October 28, 2022

“The attack was multi-directional, including from inside the Russian Federation,” the Polish Senate said in a statement. Polish Senate speaker Tomasz Grodzki said it may be linked to the Senate’s vote Wednesday declaring the Russian government a “terrorist regime”. The […]

October 17, 2022

The infrastructure of government institutions in Bulgaria has been hit by a massive DDoS attack. The attack started on Saturday and experts believe that it was orchestrated by Russian threat actors. The attack hit multiple government offices, including the Internal […]

October 13, 2022

Earlier this week, the websites of some of the busiest airports in the US were successfully attacked by cybercriminals. A pro-Russian hacking group called Killnet took responsibility for the malicious actions against major airports in Los Angeles, New York, Atlanta, […]

October 13, 2022

POLONIUM APT focused only on Israeli targets, it launched attacks against more than a dozen organizations in various industries, including engineering, information technology, law, communications, branding and marketing, media, insurance, and social services. Microsoft MSTIC researchers believe that the attackers […]

October 3, 2022

The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter. According to the SUPO, future NATO membership will make the country a privileged target for […]

September 28, 2022

Western allies initially feared a tsunami of cyberattacks against Ukraine’s military command and critical infrastructure, hindering its ability to resist the Russian forces pouring across its borders. As of mid-September, the Cyber Peace Institute, an NGO based in Switzerland, counted […]

September 21, 2022

The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, along with its subsidiary ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the list of communications equipment and services that have been deemed a threat to national […]