Russia Archives - Cyber Security Minute

Russian Military Intelligence Blamed for Blitzkrieg Hacks

Issued by: DataBreach Today

Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister. The Computer Emergency Response Team of Ukraine on Thursday detailed a spear-phishing campaign that it has…

News

Kazakhstan to Extradite Russian Hacker to Moscow

Issued by: DataBreach Today

A Russian man accused by the United States of trafficking in a hacked database of online credentials will apparently evade American courts after the Russian government said it had succeeded in extraditing him. Russian prosecutors said authorities in Kazakhstan will transfer the man, Nikita Kislitsin, to face charges related to an October 2022 hacking incident…

News

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Issued by: Security Affairs

Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ The attack is the result of a complex special cyber operation. “The Defence Intelligence of Ukraine informs that as a result of a successful complex special operation in cyberspace, a large volume of confidential documents of the structural subdivision of the Russian…

Malware & Threats

Dutch Critical OT Systems Vulnerable to Hacks

Issued by: DataBreach Today

Critical services in the Netherlands could be a potential target of ransomware and hacktivist attackers with ties to Russia as a means to sow large-scale disruptions in the country, according to a Dutch National Cyber Security Centre warning this week. Although the Russian invasion of Ukraine did not immediately result in a high-level of attacks…

Malware & Threats

Russian cyber spy group APT28 backdoors Cisco routers via SNMP

Issued by: CSO Online

APT28, the hacking arm of Russia’s GRU military intelligence agency has been backdooring Cisco routers by exploiting a remote code execution vulnerability in the Cisco IOS implementation of the simple network management protocol (SNMP), according to a statement by Western security agencies. The malware deployed on compromised routers patches the router’s authentication mechanism to always…

Vulnerabilities

Vulkan Playbook Leak Exposes Russia’s Plans for Worldwide Cyberwar

Issued by: Dark Reading

The release of thousands of pages of confidential documents has exposed Russian military and intelligence agencies’ grand plans for using their cyberwar capabilities in disinformation campaigns, hacking operations, critical infrastructure disruption, and control of the Internet. The papers were leaked from the Russian contractor NTC Vulkan and show how Russian intelligence agencies use private companies…

News

Russian Influence Duo Targets Politicians, CEOs for Embarrassing Video Calls

Issued by: Dark Reading

A Russian duo notorious for pranking numerous high-profile individuals, including Canadian Prime Minister Trudeau, is at it again — this time seeking to embarrass public figures that have expressed support for Ukraine in its war with Russia. Over the past year, the two individuals — known publicly as Vovan and Lexus — have targeted high-ranking…

Malware & Threats

Pre-Deepfake Campaign Targets Putin Critics

Issued by: Security Week

Russia is continuing its campaign of disinformation around the Ukraine war through advanced social engineering delivered by a threat group tracked as TA499. According to a report from Proofpoint, TA499 targets US and European politicians, and leading businessmen and celebrities who have spoken out against Putin’s invasion. The primary purpose is to persuade the victims…

Vulnerabilities

Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits

Issued by: Dark Reading

The US and the UK have issued joint sanctions against alleged members of the TrickBot cybercrime gang for their role in cyberattacks against critical infrastructure. Trickbot, as a malware, began life as a lowly banking Trojan before its authors started adding modules for other forms of malicious activity. It thus evolved into a multifaceted cyber-Swiss…

Malware & Threats

US, UK Slap Sanctions on Trickbot Cybercrime Gang

Issued by: Security Week

The seven individuals are being blamed for a series of major ransomware attacks targeting organizations in the US and the United Kingdom and the Treasury Department said it has information linking the hacking group to Russian intelligence services. “Current members of the Trickbot Group are associated with Russian Intelligence Services. The Trickbot Group’s preparations in…