RomCom Malware Woos Victims With 'Wrapped' SolarWinds, KeePass Software
An analysis of the RomCom APT shows the group is expanding its efforts beyond the Ukrainian military into the UK and other English-speaking countries.
Military systems depend on secure communications, control systems, and logistics networks, where cyber incidents can disrupt missions and endanger personnel.
Search across headline titles and summaries.
Background for this topic.
Military covers armed forces and the systems supporting defense operations, including classified networks, command-and-control, tactical communications, weapons platforms, intelligence repositories, logistics, and personnel identity systems. These environments depend on trusted data, resilient communications, precise timing and positioning, and mission availability; failures or manipulation can affect safety and operational decisions, not just confidentiality.
Security priorities include separating networks and privileges by mission and clearance, protecting endpoints and embedded or operational technology, and validating software, hardware, and maintenance suppliers. Remote access, contractor and allied connections, legacy equipment, and intermittent or contested connectivity create important attack surfaces. Controls commonly include strong authentication, encryption, secure configuration, vulnerability and patch management, offline or degraded-mode operation, and tested recovery and incident-response procedures. Classified or personal data also requires strict access logging, retention, and applicable national-security and privacy controls.
An analysis of the RomCom APT shows the group is expanding its efforts beyond the Ukrainian military into the UK and other English-speaking countries.
A 26-year-old Ukrainian man is awaiting extradition to the United States on charges that he acted as a core developer for Raccoon, a "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion.