Ukrainian authorities say they have taken down a pro-Russia hacking group that compromised user accounts and then sold them for profit on dark web portals. According to the cyber department of Ukraine’s Security Service (SSU), the hackers targeted user accounts of individuals in Ukraine and across Europe. Leveraging the unauthorized access, the hackers harvested the…

Newly identified staging infrastructure overlaps with tactics, techniques, and procedures (TTPs) previously attributed to the group and shows that the threat actor continues its attacks on Ukrainian targets, likely in support of Russia’s military actions in Ukraine. UAC-0113 has been linked by the Computer Emergency Response Team of Ukraine (CERT-UA) to the advanced persistent threat…

On July 15, 2022, threat actors working on behalf of the government of Iran launched a destructive attack targeting the Albanian government’s websites and public services, taking them offline. The attack had less than 10% total impact on the customer environment. The campaign consisted of four different stages, with different actors responsible for every one…

“We stand in solidarity with Albania following the recent cyber attack on its national information infrastructure,” NATO allies said. “We strongly condemn such malicious cyber activities designed to destabilise and harm the security of an Ally, and disrupt the daily lives of citizens.” The alliance pledged to “support Albania in strengthening its cyber defence capabilities…

The country’s Agency for National Security announced last week that government servers had been targeted in an ongoing attack that was described as massive and coordinated. The attack targeted government systems and other critical infrastructure, and managed to cause some disruptions. The US embassy warned citizens residing in the country that the attack could disrupt…

The Log4Shell vulnerability affecting the Apache Log4j logging utility came to light in December 2021. The flaw, identified as CVE-2021-44228, can be exploited for remote code execution, and it has been leveraged by both profit-driven cybercriminals and state-sponsored cyberspies. Log4Shell impacts the products of several major companies that use Log4j, but in many attacks the…

Also referred to as APT27, Bronze Union, Emissary Panda, Lucky Mouse, and TG-3390 (Threat Group 3390), Iron Tiger has been active since at least 2010, targeting hundreds of organizations worldwide for cyberespionage purposes. As part of recent attacks, the advanced persistent threat (APT) group abused the compromised servers of MiMi – an instant messaging application…

Microsoft’s security team earlier this week said it found that a malware called Subzero — developed by Vienna-based company DSIRF — was deployed in 2021 and 2022. “Observed victims to date include law firms, banks and strategic consultancies in countries such as Austria, the United Kingdom and Panama,” it wrote in a blog entry on…