Ukraine

Pierluigi Paganini April 12, 2019
APT28 and Upcoming Elections: evidence of possible interference

In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. Is it related to APT28 and the upcoming elections? Introduction: In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. This file was uncommon; it seemed carefully prepared and was speaking about who is leading in the elections […]

Pierluigi Paganini January 26, 2019
Upcoming Ukraine elections in the crosshairs of hackers

The Ukrainian authorities are observing a surge in alleged state-sponsored attacks aimed at disrupting the upcoming presidential election. Ukraine reported a surge in cyber attacks aimed at disrupting the upcoming presidential election; the Government believes that Russian nation-state actors could be responsible for them. The news was reported by Reuters; attackers intensified attacks against the […]

Pierluigi Paganini December 06, 2018
Ukraine’s SBU: Russia carried out a cyberattack on Judiciary Systems

Ukraine is accusing Russian intelligence services of carrying out cyberattacks against one of its government organizations. Ukraine’s security service SBU announced that it had blocked a cyber attack launched by Russian intelligence aimed at breaching information and telecommunications systems used by the country’s judiciary. Attackers launched a spear phishing attack using messages purporting to deliver accounting documents. […]

Pierluigi Paganini October 15, 2018
Russia-linked BlackEnergy backed new cyber attacks on Ukraine’s state bodies

The Security Service of Ukraine (SBU) uncovered a new targeted attack launched by BlackEnergy APT on the IT systems of Ukrainian government entities. The Security Service of Ukraine (SBU) uncovered a new targeted attack on the information and telecommunication systems of Ukrainian government entities. The SBU attributed the attack to the BlackEnergy Russia-linked APT group. “The […]

Pierluigi Paganini July 18, 2018
QUASAR, SOBAKEN AND VERMIN RATs involved in espionage campaign on Ukraine

Security experts from ESET uncovered an ongoing cyber espionage campaign aimed at Ukrainian government institutions and involving three different RATs, including the custom-made VERMIN. Security researchers from ESET uncovered an ongoing cyber espionage campaign aimed at Ukrainian government institutions; attackers used at least three different remote access Trojans (RATs). The campaign was first spotted in January by […]

Pierluigi Paganini July 13, 2018
Ukraine’s SBU Security Service reportedly stopped VPNFilter attack at chlorine station

Ukraine’s SBU Security Service reportedly stopped a VPNFilter attack at a chlorine station; the malware infected the network equipment in the facility that supplies water treatment and sewage plants. According to the Interfax-Ukraine media outlet, VPNFilter hit the LLC Aulska station in Auly (Dnipropetrovsk region); according to the experts, the malware aimed at disrupting operations at the chlorine station. […]

Pierluigi Paganini May 24, 2018
Justice Department announces actions to disrupt the VPNFilter botnet

The Justice Department announced an effort to disrupt the VPNFilter botnet of hundreds of thousands of infected home and office (SOHO) routers and other networked devices under the control of a Russia-linked APT group. Yesterday Talos and other security firms revealed the discovery of a huge botnet tracked as VPNFilter composed of more than 500,000 compromised routers and […]

Pierluigi Paganini March 08, 2018
Group-IB supported law enforcement in dismantling Ukrainian DDoS crime gang

Ukrainian Police supported by security firm Group-IB and other security firms dismantled a DDoS crime gang that blackmailed numerous companies worldwide. Another example of successful collaboration between law enforcement agencies and security firms in the fight against cybercrime, the case sees Ukrainian Police supported by security firm Group-IB and other security firms dismantling a DDoS […]

Pierluigi Paganini January 08, 2018
Experts found a strain of the Zeus banking Trojan spread through a legitimate developer’s website

Malware researchers at Talos group have discovered a strain of the Zeus banking Trojan that abuses the legitimate website of the Ukraine-based accounting software developer Crystal Finance Millennium (CFM). The experts discovered that the version of the ZeuS banking Trojan used in this attack is 2.0.8.9, which was leaked in 2011. The attack occurred in August […]

Pierluigi Paganini August 11, 2017
Ukrainian Man charged with spreading the NotPetya ransomware

The Cyber Police of Ukraine arrested a Ukrainian man who allegedly distributed the NotPetya/ExPetr malware, resulting in the infection of 400 computers. Sergey Neverov, a 51-year-old man, was arrested on Saturday 5 August by Ukrainian Cyber Police on accusations of distributing a version of the NotPetya (Petya.A) ransomware after the initial attack event of late […]