Russia

Pierluigi Paganini June 14, 2018
2018 Russia World Cup : Russian cyber spy may hack travelers’ mobile devices

According to a top US intelligence official, mobile phones of football fans traveling to Russia for the World Cup could be hacked by the Russian Intelligence.  Russia World Cup 2018 – Mobile devices and computers of football fans traveling to Russia could be hacked by the Russian Intelligence, the alert was issued by William Evanina, Director […]

Pierluigi Paganini June 11, 2018
Former GCHQ chief Hannigan warns of Russia’s aggressive approach to the cyberspace

According to former GCHQ chief, the recently discovered VPNFilter botnet is the demonstration that Russia appears to be live-testing cyberattacks. Former GCHQ chief Robert Hannigan has warned that the availability of hacking tools in the main marketplaces is rapidly changing the threat landscape. Hannigan served as the director of the UK intelligence agency between November 2014 until January 2017. Threat actors have an […]

Pierluigi Paganini June 10, 2018
Search Engines in Russia cannot link to banned VPN services and Internet proxy services

Russia strengthens online censorship by announcing fines for search engines that link to VPN serviced banned in the country. Russian Government has approved a new bill to punish search engines that are not aligned with Moscow and that allows its users to find VPN services, and anonymization tools that allow circumventing the censorship. According to the amendments to the Code […]

Pierluigi Paganini June 07, 2018
Russia-linked Sofacy APT group adopts new tactics and tools in last campaign

Sofacy APT group (APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) continues to operate and thanks to rapid and continuously changes of tactics the hackers are able to remain under the radar. According to experts from Palo Alto Networks, the hackers also used new tools in recent attacks, recently the APT group has shifted focus in their interest, from NATO member […]

Pierluigi Paganini May 28, 2018
Researchers And The FBI Work Together to Take Down the Russian VPNFilter Botnet Targeting Home Routers

Researchers and the FBI are working together to take down the dreaded VPNFilter botnet composed of hundreds of thousands of compromised devices. For several months, there have been rumors and vague warnings about highly skilled adversaries targeting critical infrastructure. Last week we learned some details about the warning, why you might be impacted and how […]

Pierluigi Paganini May 24, 2018
Justice Department announces actions to disrupt the VPNFilter botnet

The Justice Department announced an effort to disrupt the VPNFilter botnet of hundreds of thousands of infected home and office (SOHO) routers and other networked devices under the control of a Russia-linked APT group. Yesterday Talos and other security firm revealed the discovery of a huge botnet tracked as VPNFilter composed of more than 500,000 compromised routers and […]

Pierluigi Paganini May 23, 2018
Huge Russia-Linked botnet VPNFilter ready to launch a massive attack on Ukraine

Security firm Talos along with other cybersecurity firms and law enforcement agencies have uncovered a huge botnet dubbed VPNFilter, composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The experts believe the VPNFilter was developed by Russia and the associated malware appears to be very sophisticated, at the time they discovered more than 500,000 compromised devices across […]

Pierluigi Paganini May 23, 2018
Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaign

Security experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as […]

Pierluigi Paganini May 15, 2018
Dutch Government plans to phase out the use of Kaspersky solutions

Dutch Government plans to phase out the use of Kaspersky solutions while the security firm confirmed that its code infrastructure is going to move to Switzerland. The antivirus firm Kaspersky Lab made the headlines again, the company confirmed that its code infrastructure is going to move to Switzerland. The news arrives just after the comment from the Netherlands […]

Pierluigi Paganini May 03, 2018
Fancy Bear abuses LoJack security software in targeted attacks

Recently, several LoJack agents were found to be connecting to servers that are believed to be controlled by the notorious Russia-linked Fancy Bear APT group. LoJack for laptops is a security software designed to catch computer thieves, but it could be theoretically abused to spy on legitimate owners of the device. LoJack could be used to locate […]