Cyber warfare

Pierluigi Paganini June 06, 2022
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”. Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups, they’re leveraging current geopolitical tensions between the Ukraine and Russia to perform cyber-attacks. Following the attacks of the Killnet Collective, the group responsible […]

Pierluigi Paganini May 29, 2022
Pro-Russian hacker group KillNet plans to attack Italy on May 30

Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian ‘hacktivist’ group Killnet is one of the most active non-state actors operating since the beginning of the Russian […]

Pierluigi Paganini May 28, 2022
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. The instances of the malware spotted by the experts […]

Pierluigi Paganini May 25, 2022
Unknown APT group is targeting Russian government entities

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine. The threat actors behind the attacks […]

Pierluigi Paganini May 24, 2022
Nation-state malware could become a commodity on dark web soon, Interpol warns

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years. In the ongoing conflict between Russia and Ukraine, the malware developed by both nation-state actors and non […]

Pierluigi Paganini May 23, 2022
Russia-linked Fronton botnet could run disinformation campaigns

Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “Digital Revolution” claimed to have hacked a subcontractor to the Russian FSB. The […]

Pierluigi Paganini May 21, 2022
Russia-linked Sandworm continues to conduct attacks against Ukraine

Security researchers from ESET reported that the Russia-linked APT group Sandworm continues to target Ukraine. Security experts from ESET reported that the Russia-linked cyberespionage group Sandworm continues to launch cyber attacks against entities in Ukraine. Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for […]

Pierluigi Paganini May 15, 2022
May 08 – May 14 Ukraine – Russia the silent cyber conflict

This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing Russia invasion that occurred in the previous weeks: May 14 – The LEGION collective calls to action to attack the final of the Eurovision song […]

Pierluigi Paganini May 15, 2022
Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT

Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign using messages with subject “On revenge in Kherson!” and containing the “Plan Kherson.htm” attachment. The HTM-file will decode and create an archive named “Herson.rar”, which contains a file-shortcut […]

Pierluigi Paganini May 14, 2022
Pro-Russian hacktivists target Italy government websites

Pro-Russian hacker group Killnet targeted the websites of several Italian institutions, including the senate and the National Institute of Health. A group of Pro-Russian hackers known as “Killnet” launched an attack against multiple websites of several Italian institutions, including the senate, the National Institute of Health, and the Automobile Club d’Italia (ACI), the national drivers’ […]