Just a couple of weeks ago, CERT-UA raised awareness among the global cyber defender community about an ongoing cyber-espionage campaign targeting Ukraine and organizations in Central Asia linked to the UAC-0063 group. In early June, CERT-UA researchers issued another alert covering the long-term cyber-espionage activity mainly exploiting the email attack vector and targeting Ukrainian government […]
Hot on the heels of the massive phishing attacks launched by UAC-0006 at the beginning of May 2023, CERT-UA warns cyber defenders of a new wave of cyber attacks resulting in SmokeLoader infections. The latest investigation indicates that adversaries increasingly spread phishing emails with financial subject lures and use ZIP/RAR attachments to drop malicious samples […]
Since the outbreak of the full-scale war in Ukraine, cyber defenders have identified the growing volumes of cyber-espionage campaigns aimed at collecting intelligence from the Ukrainian state bodies. On May 22, 2023, CERT-UA researchers issued a new alert warning the global cyber defender community of an ongoing cyber-espionage campaign targeting the information and communication system […]
The financially-motivated hacking collective tracked as UAC-0006 comes back to the cyber threat arena exploiting the phishing attack vector and distributing the SmokeLoader malware. According to the latest CERT-UA cybersecurity alert, threat actors massively distribute phishing emails exploiting the compromised accounts with the financially related email subject and using a malicious ZIP attachment to deploy […]
Since the outbreak of the global cyber war, state bodies of Ukraine and its allies have become targets of diverse malicious campaigns launched by multiple hacking collectives. Experts estimate a 250% surge of cyber attacks against Ukraine in 2022 and over 2,000 of them launched by russia-affiliated threat actors since the beginning of the full-fledged […]
The infamous russian nation-backed hacking collective tracked as APT28 or UAC-0001, which has a history of targeted attacks against Ukrainian government agencies, reemerges in the cyber threat arena. The latest CERT-UA#6562 alert confirms that over April 2023, the hacking collective has been leveraging the phishing attack vector to massively distribute spoofed emails among Ukrainian state […]
With a 250% surge of cyber attacks against Ukraine in 2022 and over 2,000 of them launched by russia-affiliated threat actors since the outbreak of the full-fledged war, cyber defenders are looking for ways to help Ukraine and its allies boost their cyber resilience. On April 3, 2023, CERT-UA issued a new alert covering the […]
Approaching the date of one-year anniversary of the outbreak of full-fledged war in Ukraine, cyber defenders addressed the risks of potential attacks against Ukraine and its allies by russian offensive forces. On February 23, CERT-UA cybersecurity researchers revealed the malicious activity attributed to the UAC-0056 hacking group, which was observed in malicious campaigns against Ukraine […]
February 2023 can be marked as a month of ongoing adversary campaigns against Ukraine, exploiting the phishing attack vector and leveraging remote access software. Close on the heels of phishing attacks spreading Remcos RAT and abusing Remote Utilities software, another mass email distribution targeting Ukrainian organizations garners attention from cyber defenders. The latest CERT-UA#6011 alert […]
Hot on the heels of the massive email distribution in the recent malicious campaign targeting Ukrainian state bodies and leveraging Remcos (Remote Control and Surveillance) Trojan, threat actors exploit another remote administration software dubbed Remote Utilities to hit Ukrainian organizations. CERT-UA warns the global cyber defender community of ongoing phishing attacks attributed to the UAC-0096 […]