North Korea-linked APT groups conduct ransomware attacks against healthcare and critical infrastructure facilities to fund its activities. Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S. and South Korean agencies warn. US CISA published a Cybersecurity Advisory (CSA) to […]
SecurityScorecardâs researchers released a list of proxy IPs used by the pro-Russia group Killnet to neutralize its attacks. SecurityScorecardâs researchers published a list of proxy IPs used by the pro-Russia group Killnet with the intent to interfere with its operation and block its attacks. “To help organizations better protect themselves, SecurityScorecard has published a list of […]
A Russia-linked threat actor has been observed deploying a new information stealer dubbed Graphiron in attacks against Ukraine. Researchers from Broadcom Symantec spotted a Russia-linked ATP group, tracked as Nodaria (aka UAC-0056), deploying new info-stealing malware, dubbed Graphiron, in attacks against Ukraine. The Nodaria APT group has been active since at least March 2021, it […]
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a new wave of attacks against state authorities to deploy the Remcos software. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a phishing campaign aimed at state authorities that involves the use of the legitimate remote access software Remcos. The phishing emails, […]
Russia-linked threat actor Gamaredon employed new spyware in cyber attacks aimed at public authorities and critical information infrastructure in Ukraine. The State Cyber Protection Centre (SCPC) of Ukraine warns of a new wave of targeted attacks conducted by the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa). The attacks aimed at public authorities and critical information […]
The Dutch National Cyber Security Centre (NCSC) confirmed that Pro-Russia group Killnet hit websites of national and European hospitals. The Dutch National Cyber Security Centre (NCSC) reported that the websites of several hospital in the Netherlands and Europe were hit by DDoS attacks carried out by pro-Russia hacking group Killnet. The group of hackers launched […]
Threat actors are targeting Israeli chemical companies operating in the occupied territories, security experts warn. Threat actors have launched a massive hacking campaign aimed at Israeli chemical companies operating in the occupied territories. A group, named Electronic Quds Force, is threatening companiesâ engineers and workers and are inviting them to resign from their positions. The […]
The Pro-Russia group Killnet is launching a series of DDoS attacks against the websites of US healthcare organizations and hospitals. The Pro-Russia group Killnet launched a series of DDoS attacks against US healthcare organizations and hospitals. The group announced the attacks on its Telegram channel, calling for action against the US government healthcare. The list of targets […]
The Ukrainian (CERT-UA) discovered five different wipers deployed on the network of the country’s national news agency, Ukrinform. On January 17, 2023, the Telegram channel “CyberArmyofRussia_Reborn” reported the compromise of the systems at the Ukrainian National Information Agency “Ukrinform”. The Ukrainian Computer Emergency Response Team (CERT-UA) immediately investigated the claims and as of January 27, […]
An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a […]