'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine
Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.
Attackers impersonate the National Police of Ukraine to deploy Amatera Stealer and PureMiner, using malicious Scalable Vector Graphics to trick victims.
A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.
While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" by embedding itself in other countries' infrastructures.
A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.
"Pig butchering," generative AI, and spear-phishing have all transformed digital warfare.
More than 100 Ukrainian government devices have been affected by the threat that is being tracked as UAC-0198.
The Russia-aligned FlyingYeti's phishing campaign exploited Ukrainian citizens' financial stress to spread Cookbox malware.
The group, best known for 2016 US election interference and other attacks on Ukraine, used phishing emails offering pictures of women to lure its victim into opening a malicious attachment.
The phishing emails were sent using names of system administrators and a letter containing instructions to protect against hackers.
Attackers continued to favor software exploits, phishing, and stolen credentials as initial-access methods last year, as Log4j and the Russia-Ukraine cyber conflict changed the threat landscape.
The initial access broker (IAB) for ransomware gangs known as UAC-0098 has targeted Ukrainian organizations in five separate phishing campaigns spanning April to August.
Among them is the operator of the Ghostwriter misinformation campaign, with a new browser-in-browser phishing technique, according to Google's research team.
Ukraine military personnel being targeted with mass phishing emails, country's CERT warns.
Ukraine's Computer Emergency Response Team calls out UNIC1151 nation-state hacking group out of Belarus as behind the attacks.