Pierluigi Paganini
September 21, 2024
Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. Ukraine’s National Coordination Centre for Cybersecurity (NCCC) has banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. The ban does not affect Ukrainian citizens. On September 19, Ukraine announced […]
Pierluigi Paganini
September 04, 2024
A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a hacktivist group known as Head Mare exploited recently disclosed WinRAR flaw CVE-2023-38831 in attacks against organizations in Russia and Belarus. Head Mare has been active since at least 2023 exclusively targeting companies in Russia […]
Pierluigi Paganini
August 21, 2024
The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware. Vermin is a pro-Russian hacker group, also tracked as UAC-0020, that operates under […]
Pierluigi Paganini
July 29, 2024
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government’s Computer Emergency Response Team (CERT-UA) reported a surge in activity associated with the APT group UAC-0057 (aka GhostWriter) group between July 12 and 18, 2024. Threat actors distributed documents containing macros designed […]
Pierluigi Paganini
July 27, 2024
Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs of Russian banks, the cyber operation began on July 23. “This is an opportune moment to fully implement the Kremlin’s long-desired ‘import substitution’ […]
Pierluigi Paganini
July 23, 2024
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ICS malware named FrostyGoop that interacts with Industrial Control Systems using the Modbus protocol. FrostyGoop is the ninth ICS malware that was discovered an that a nation-state […]
Pierluigi Paganini
June 28, 2024
The US DoJ announced charges against a member of Russia’s military intelligence service GRU for conducting wiper attacks on Ukraine in 2022. The US Department of Justice (DoJ) announced charges against Russian national Amin Timovich Stigal, who is a member of Russia’s military intelligence service GRU, for conducting wiper attacks on Ukraine in 2022. The […]
Pierluigi Paganini
June 14, 2024
Ukraine’s security service (SBU) detained two individuals accused of supporting Russian intelligence in spreading propaganda and hacking soldiers’ phones. Ukraine’s security service, the SBU, detained two individuals who are accused of supporting Russian intelligence in spreading pro-Russia propaganda. They are also accused of hacking the phones of Ukrainian soldiers. The arrests result from an investigation conducted by […]
Pierluigi Paganini
June 07, 2024
Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber espionage campaign targeting defense forces in the country. The Ukrainian CERT attributes the attack to the threat actor UAC-0020 which employed a malware […]
Pierluigi Paganini
June 02, 2024
Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered phishing campaign conducted by a Russia-linked threat actor FlyingYeti (aka UAC-0149) targeting Ukraine. The experts published a report to describe real-time effort to disrupt and delay this threat activity. At the beginning of Russia’s invasion of Ukraine […]
