Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw (April 27, 2024; April 30, 2024): Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, employs a PowerPoint slideshow file (“signal-2023-12-20-160512.ppsx”) as…
Russian hacking group claims responsibility for cyberattack on Indiana wastewater plant (April 25, 2024; April 26, 2024): The “People’s Cyber Army of Russia” took credit last Saturday for the incident on the messaging app Telegram. A message accompanying the video read: “We continue to look partially cover our series of work on US infrastructure. Today, we’ll look at Indiana. Let’s consider the work on municipal water treatment…
MITRE admits ‘nation state’ attackers touched its NERVE R&D operation (April 22, 2024; April 26, 2024): In a cautionary tale that no one is immune from attack, the security org MITRE has admitted that it got pwned.…
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm (April 17, 2024; April 26, 2024): With Russia’s full-scale invasion in its third year, Sandworm (aka FROZENBARENTS) remains a formidable threat to Ukraine. The group’s operations in support of Moscow’s war aims have proven tactically and operationally adaptable, and as of today, appear to be better integrated with the activities of Russia’s conventional forces than in…
Russian hackers may have targeted Ukrainian telecoms with upgrade ‘AcidPour’ malware (March 22, 2024; April 26, 2024): The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russian military intelligence. “AcidPour’s expanded capabilities would enable it to better
APT28 hacker group targeting Europe, Americas, Asia in widespread phishing scheme (March 18, 2024; April 26, 2024): The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. “The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated
Microsoft confirms Russian spies stole source code, accessed internal systems (March 8, 2024; April 26, 2024): Still ‘no evidence’ of any compromised customer-facing systems, we’re told. Microsoft has now confirmed that the Russian cyberspies who broke into its executives’ email accounts stole source code and gained access to internal systems. The Redmond giant also characterized the intrusion as “ongoing.”
Ukrainian government websites attacked, some reachable again (January 14, 2022; April 26, 2024): Several Ukrainian government websites are down due to a digital attack. On the websites of, among others, the Ministry of Foreign Affairs and the Security and Defense Council, a warning can be read in Ukrainian, Russian and Polish: “Be afraid and fear the worst.”
Implementing the lessons learned from a major cyber attack (March 18, 2020; April 26, 2024): Black Hat presentation by the Maersk CISO on the events during the NotPetya attack.
Russia Perfected Its Cyberwarfare In Ukraine (November 23, 2019; April 26, 2024): Background information on the cyberwarfare taking place in Ukraine.