Ukrainian hacktivist team Cyber Resistance hacked the email of Lieutenant Colonel Sergey Alexandrovich Morgachev, an officer of the Russian Main Intelligence Directorate of the General Staff of the Russian Army (GRU), leader of the Russian hacker group APT 28, consisting of officers of the 85th Main Special Service Center of
A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats. Two weeks ago, Sentinel Labs reported on a recent operation by 'Winter Vivern&
Hackers may have compromised the networks of thousands of businesses due to a supply-chain attack on the enterprise phone company 3CX, which confirmed on Thursday its desktop app had been bundled with malware. 3CX provides office phone systems to more than 12 million daily users at over 600,000 companies,
A whistleblower has provided several media organizations with access to leaked documents from a Russian IT firm named NTC Vulkan (Russian: НТЦ Вулкан) that allegedly show how the firm supports Russia's military and intelligence agencies with cyber warfare tools. Journalists from Der Spiegel and Munich-based investigative group Paper
Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group focuses on energy and government sectors, in the past, the group targeted organizations
Microsoft shared guidance for investigating attacks using critical CVE-2023-23397 vulnerability in Outlook. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any user interaction.
Cybersecurity researchers said this week that they have observed the pro-Russia hacking group known as Killnet increasingly launch distributed denial of service (DDoS) attacks targeting healthcare organizations since November. Killnet was established following Russia’s invasion of Ukraine in February 2022, and spent most of the last year launching DDoS
A new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and energy organizations in Commonwealth of Independent States (CIS) countries. According to Cisco Talos, the threat actor has compromised accounts of a critical European Union agency engaged in healthcare, the
Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU countries. The hackers targeted diplomatic entities and systems
Threat Actors Exploiting Silicon Valley Bank (SVB) Collapse Scenario To Launch Cyber-Attacks Following a bank run on its deposits, Silicon Valley Bank (SVB) experienced a failure on March 10, 2023, and has garnered significant media attention. As SVB has traditionally been the preferred banking partner for many startups worldwide, its
Western countries don't appear to have an answer or robust knowledge about the operators behind Ghostwriter (aka UNC1151), a threat actor that has been engaged in a mixture of hack-and-leak and dis/misinformation campaigns over the past half-decade, a report [PDF] from Cardiff University has concluded. The group,
Commercial radio stations across Russia on Wednesday morning broadcast warnings about air raids and missile strikes. The Ministry of Emergency Situations said the broadcasts were the “result of a hacker attack.” Gazprom-Media, Russia’s largest media company and a subsidiary of the state-owned energy corporation Gazprom, said an “attack on
Russian hacking group Killnet has claimed responsibility for disrupting communications between NATO and other organisations providing earthquake relief in Turkey and Syria. Strategic Airlift Capability (SAC) is a multi-national organisation which relies on NATO for conducting airlifts. The organisation is currently transporting search-and-rescue gear to help the disaster zone and
Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information. Researchers warn that many electric vehicle (EV) charging management systems are affected by vulnerabilities that could allow hackers to cause disruption, steal energy, or obtain driver information. The vulnerabilities were
The Russian-sponsored hacker group known as Gamaredon continues to attack Ukrainian organizations and remains one of the “key cyber threats” for Ukraine’s cyberspace, according to a report the Ukrainian government published Wednesday. Ukraine claims that Gamaredon operates from the city of Sevastopol in Russia-occupied Crimea, but acts on orders
Pro-Ukraine hacker group, Team OneFist announced the completion newer joint hacking campaign with Anonymous RoughSec against power metering systems in Russia, titled "Operation Quantum".
