Russia

Pierluigi Paganini April 12, 2019
APT28 and Upcoming Elections: evidence of possible interference

In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. This file was uncommon, it seemed carefully prepared and was speaking about who is leading in the elections […]

Pierluigi Paganini February 27, 2019
U.S. Cyber Command disrupted blocked Russian troll factory during 2018 midterms

The U.S. Cyber Command blocked the Internet access to the Russian troll factory while it was attempting to interfere with 2018 midterm. According to the Washington Post, that cites several U.S. officials, the operation conducted by the U.S. Cyber Command hit the Internet Research Agency in St. Petersburg, the company used by the Russian Government […]

Pierluigi Paganini February 20, 2019
Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018.  Microsoft revealed that hackers belonging to the cyber espionage group APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) launched several attacks on democratic institutions in Europe between September and December 2018. The tech giant revealed that 104 accounts belonging […]

Pierluigi Paganini February 20, 2019
North Korea’s Lazarus APT targets Russian Entities

Security researchers at Check Point have uncovered a cyber espionage campaign conducted by Lazarus APT group aimed at Russian targets. Security experts at Check Point have uncovered a cyber espionage campaign carried out by Lazarus aimed at Russian targets, If the attribution is correct, this is the first time that North Korean cyber spies were […]

Pierluigi Paganini February 16, 2019
Russia is going to disconnect from the internet as part of a planned test

Russia plans to disconnect the country from the internet as part of an experiment aimed at testing the response to cyber attacks that should isolate it. Russia plans to disconnect the country from the Internet for a limited period of time to conduct a test aimed at assessing the security of its infrastructure. Russian citizens […]

Pierluigi Paganini December 27, 2018
Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

Security firm Group-IB has estimated that the market volume of illegal online sales of alcohol in Russia exceeded 30 million USD in 2018, i.e. almost 5.8 million USD (+23%) more than in 2017. Group-IB Brand Protection team discovered a total of around 4,000 websites illegally selling alcohol. Criminals create entire networks from the “mirror–websites” of their online alcohol stores; if one […]

Pierluigi Paganini December 06, 2018
Ukraine’s SBU: Russia carried out a cyberattack on Judiciary Systems

Ukraine is accusing Russian intelligence services of carrying out cyberattacks against one of its government organizations. Ukraine’s security service SBU announced to have blocked a cyber attack launched by Russian intelligence aimed at breaching information and telecommunications systems used by the country’s judiciary. Attackers launched a spear phishing attack using messages purporting to deliver accounting documents. […]

Pierluigi Paganini November 28, 2018
British MP: Facebook was aware about Russian activity at least since 2014

A British MP claims Facebook was ware about Russian political interference in 2014, long before the events become public. The British MP Damian Collins, head of a parliamentary inquiry into disinformation, revealed that one of the emails seized from US software company Six4Three as part of a US lawsuit, demonstrates that a Facebook engineer had notified the social network giant in October […]

Pierluigi Paganini November 18, 2018
Suspected APT29 hackers behind attacks on US gov agencies, think tanks, and businesses

Last week, security experts reported alleged APT29 hackers impersonating a State Department official in attacks aimed at U.S. government agencies, businesses and think tanks. Cyber security experts are warning of new attacks against U.S. government agencies, think tanks, and businesses. Threat actors carried out spear phishing attacks impersonating a State Department official to attempt compromising targets, […]

Pierluigi Paganini October 24, 2018
Russian Government-owned research institute linked to Triton attacks

Security experts from FireEye found evidence that links the development of the Triton malware (aka Trisis and HatMan) to a Russian government research institute. In December 2017, experts from FireEye discovered a new strain of malware dubbed Triton that was specifically designed to target industrial control systems (ICS). The Triton malware has been used in attacks aimed at a critical […]