Cyber warfare

Pierluigi Paganini March 15, 2024
UK Defence Secretary jet hit by an electronic warfare attack in Poland

Russian hackers have knocked down the GPS and communications of Defence Secretary Grant Shapps RAF Dassault Falcon 900 jet with electronic warfare attack. Defence Secretary Grant Shapps RAF Dassault Falcon 900 jet flew from Poland, where he visited British troops in Steadfast Defender, to the UK. The UK defence chief confirmed the complete support of […]

Pierluigi Paganini March 08, 2024
Russia-linked Midnight Blizzard breached Microsoft systems again

Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the company on January 12, 2024, the IT giant revealed that the Russia-linked Midnight Blizzard recently breached again its internal systems and source code repositories. In January, Microsoft warned […]

Pierluigi Paganini March 07, 2024
National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

The national intelligence agency of Moldova warns of hybrid attacks from Russia ahead of the upcoming elections. The Moldovan national intelligence agency warns of hybrid attacks from Russia ahead of the upcoming elections. 2024 is a crucial year for Moldova; like more than 70 other countries worldwide, it will go to the polls, and the […]

Pierluigi Paganini March 05, 2024
Ukraine’s GUR hacked the Russian Ministry of Defense

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. Stolen documents include: The stolen documents […]

Pierluigi Paganini February 19, 2024
Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia. The nation-state actors are known to carry out […]

Pierluigi Paganini February 16, 2024
Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs

Russia-linked APT group Turla has been spotted targeting Polish non-governmental organizations (NGO) with a new backdoor dubbed TinyTurla-NG. Russia-linked cyberespionage group Turla has been spotted using a new backdoor dubbed TinyTurla-NG in attacks aimed at Polish non-governmental organizations. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle […]

Pierluigi Paganini February 15, 2024
North Korea-linked actors breached the emails of a Presidential Office member

The office of South Korean President Yoon Suk Yeol said that North Korea-linked actors breached the personal emails of one of his staff members. The office of South Korean President Yoon Suk Yeol announced a security incident involving the compromise of personal emails belonging to a member of the presidential staff. The government attributes the […]

Pierluigi Paganini February 08, 2024
China-linked APT Volt Typhoon remained undetected for years in US infrastructure

China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. US CISA, the NSA, the FBI, along with partner Five Eyes agencies, published a joint advisory to warn that China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for […]

Pierluigi Paganini February 04, 2024
US government imposed sanctions on six Iranian intel officials

The US government issued sanctions against six Iranian government officials linked to cyberattacks against critical infrastructure organizations.  The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on six Iranian government officials associated with cyberattacks targeting critical infrastructure organizations in the US and abroad. “Today, the Department of the Treasury’s Office of […]

Pierluigi Paganini February 02, 2024
PurpleFox malware infected at least 2,000 computers in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a malware campaign that has infected at least 2,000 computers in the country with the PurpleFox malware (aka ‘DirtyMoe‘). “The […]