Tag: Cyberattack

PlugX Malware Used by China-Aligned APT Actor TA416 Targets European Allies to Cripple Ukrainian Refugee Services

The Chinese state-sponsored APT group TA416 (aka Mustang Panda/Red Delta) has been found targeting European government agencies and diplomatic entities that deliver services for Ukrainian refugees and migrants who flee from Russian aggression. A detailed analysis shows that attackers primarily aim at conducting long-term cyber-espionage campaigns rather than chasing immediate gains. The research conducted by […]

Dirty Pipe Disclosure: Gives Root Privileges, Impacts the Latest Versions of Linux

A novel bug dubbed Dirty Pipe (CVE-2022-0847) enables privilege escalation and allows attackers to gain root access by overwriting data in read-only files and SUID binaries. The weakness lies in the faulty handling of pipe buffer flags by the Linux kernel. The name refers to a Linux mechanism of processes’ interaction within the OS, dubbed a […]

ContiLeaks: Conti Ransomware Group’s Chat and Source Code Leaked by Ukrainian Cybersecurity Researcher

One of the fiercest Russia-backed ransomware actors, Conti Group, has become a victim of a data breach. On February 27, 2022, a mysterious Twitter member @ContiLeaks started publishing a series of posts linking to archives with private messages and the source code of Conti. Other posts of a whistleblower make it quite obvious that he […]

Withstanding Russian Military Aggression Together

On Feb 24, 2022, Ukraine woke up to multiple shelling attacks across the country as Russia aggressively invaded its neighbor, violating all current international agreements. Russian troops and tanks attacked Ukrainian borders on the East, West, and North, sent by the Kremlin as a next savage step in the continuous violation of territorial integrity of […]

Stop Russia’s DDoS Protection: SOC Prime Appeals to US Tech Leaders to Prevent Aggressors From Spreading Misinformation

On February 24, 2022, Russia launched a full-scale invasion of Ukraine. Russia has called this a “Special Military Operation” for peacekeeping aimed at the “Liberation of Ukraine”. The facts illustrate something altogether different as destruction has been massive and civilian populations have suffered greatly. The war has cost the lives of 2,000 civilians, and the […]

FoxBlade Trojan Detection: Microsoft Reveals New Destructive Malware Targeting Ukrainian Infrastructure

On February 23, 2022, prior to Russia’s offensive invasion of Ukraine, a new surge of digital threats hit Ukraine just a short period after an avalanche of cyber-attacks involving data-wiping WhisperGate and HermeticWiper malware strains targeted at Ukrainian entities. Microsoft Security Intelligence Center discovered a series of attacks leveraging a novel FoxBlade malware targeting multiple […]

The World Joins the Full-Scale Cyber War as Russia Invades Ukraine

Collaborative Cyber Defense: Fueling the Fight to Combat Threats of Any Scale As we all now know, on February 24, 2022, the Russian Federation started an offensive invasion of Ukraine by land, air, and sea. The hostilities have now been ongoing for almost a week with Russian tanks rolling into Ukrainian territory and its missiles […]

HermeticWiper Malware Detection: CISA and FBI Advisory Warns of New Destructive Cyber-Attacks Targeting Ukrainian Organizations

On January 13, 2022, a devastating cyber-attack hit Ukraine, taking down online assets of the country’s government, in which attackers took advantage of a new data-wiping malware known as WhisperGate. Hard on the heels of this impactful incident, on February 23, cybersecurity analysts revealed another destructive malware targeting Ukrainian organizations dubbed HermeticWiper. This newly discovered […]

BlackByte Ransomware Detection: New Wake-Up Call

The Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) released a joint cybersecurity advisory regarding the activities of the BlackByte Ransomware-as-a-Service (RaaS) gang. BlackByte ransomware has been used against businesses located in the USA as the primary targets. The greatest costs fall heavily on the critical infrastructure sectors such […]

TunnelVision APT Group Exploits the Log4j

One of the most notorious exploits of 2021 made its loud entrance in the cybersecurity world in December, and now Log4Shell is back on the radar: Iran-linked TunnelVision APT did not let it rest in peace, striking with profiteering from VMware Horizon Log4j vulnerabilities, along with large-scale exploitation of Fortinet FortiOS (CVE-2018-13379) and Microsoft Exchange […]
