Hackers use Conti's leaked ransomware to attack Russian companies
A hacking group used the Conti's leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations. [...]
Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional developments connected to Russia.
Search across headline titles and summaries.
Background for this topic.
Russia covers cybersecurity and information-security developments connected to Russia, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving Russia's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
A hacking group used the Conti's leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations. [...]
Online attacks follow suspected airspace violation by Russian aircraft Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).…
The operation aimed to disrupt cyber espionage activity a Russian GRU group was using for the Ukraine war.
Software giant sinkholes systems used by Russian gang Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU, apparently to support Russian's invasion of its neighbor.…
Today, the U.S. has announced exemptions on previously imposed sanctions on Russia related to telecommunications and internet-based communications, likely to prevent Russians from being isolated from Western news sources. [...]
Tech giant disrupts APT28 but warns of all-out cyber-offensive
Microsoft on Thursday disclosed that it obtained a court order to take control of seven domains used by APT28, a state-sponsored group operated by Russia's military intelligence service, with the goal of neutralizing its attacks on Ukraine
Microsoft has successfully disrupted attacks against Ukrainian targets coordinated by the Russian APT28 hacking group after taking down seven domains used as attack infrastructure. [...]
The U.S. Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Separately, law enforcement agencies in the U.S. and Germany moved to decapitate "Hydra," a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups.
Plus more financially motivated miscreants try to monetize invasion Facebook is fighting a surge in cyber-espionage attempts and misinformation campaigns related to the Russian invasion of Ukraine, according to a new report by parent group Meta.…
A statement allegedly from Gazprom CEO Alexie Miller was briefly displayed on the website
Coordinated effort removes malware from C&C devices
The U.S. Department of Justice (DoJ) announced that it neutralized Cyclops Blink, a modular botnet controlled by a threat actor known as Sandworm, which has been attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU)
"Cyclops Blink" operation disabled firewalls behind the Sandworm hacking team's network of infected victim devices.
Ukrtelecom claimed Russian hackers launched the attacks after compromising the credentials of an employee in an occupied area of the country
US government officials announced today the disruption of the Cyclops Blink botnet controlled by the Russian-backed Sandworm hacking group before being used in attacks. [...]
Threat actors target Office 365 and Google Workspace in a new campaign, which uses a legitimate domain associated with a road-safety center in Moscow to send messages.
The U.S. Treasury Department on Tuesday sanctioned Hydra, the same day German law enforcement authorities disrupted the world's largest dark web marketplace as part of a coordinated operation in partnership with U.S. officials
US chipmaker Intel announced Tuesday night that it had suspended all business operations in Russia, joining tech other companies who pulled out of the country due to the invasion of Ukraine. [...]
US also charges Russia-based web host owner regarding cyber-crime market US and German federal agencies came down hard on Hydra, the longest-running known dark-web marketplace trafficking in illegal drugs and money-laundering services, with a multi-pronged attack that aimed to cut off multiple heads of the nefarious online beast.…