2000, Information Security and Ransomware

Romanian energy supplier Electrica Group is facing a ransomware attack

Security Affairs

DECEMBER 9, 2024

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. The company assured investors that the attack hadn’t affected its critical systems, but temporary disruptions in customer services might occur due to enhanced security protocols. The company serves over 3.8

Ransomware

Ransomware Cyber Attacks Cybercrime Marketing

Study shows connections between 2000 malware samples used by Russian APT groups

Security Affairs

SEPTEMBER 26, 2019

Beginning with the first publicly known attacks by Moonlight Maze , in 1996, the Pentagon breach in 2008, Blacking out Kyiv in 2016, hacking the United States elections in 2016, and including some of the largest, most infamous cyberattacks in history, targeting an entire nation with NotPetya ransomware.” Pierluigi Paganini.

Malware

Malware Hacking Advertising Ransomware

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Several Ukrainian organizations were hit by Russia-based RansomBoggs Ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs ransomware, against Ukrainian organizations. MSIL/Filecoder.RansomBoggs.A

Ransomware

Ransomware Encryption Telecommunications Malware

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Telecommunications

Telecommunications DNS Hacking Passwords

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

SonicWall has issued an urgent security alert to warn customers of “ an imminent ransomware campaing ” targeting EOL equipment. SonicWall has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL). continues the alert.

Firmware

Firmware Ransomware Passwords Mobile

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. Microsoft has identified a new ransomware strain "Prestige" in limited targeted attacks in Ukraine and Poland. The campaign shares victimology with recent operations conducted by Russia-linked threat actors.

Ransomware

Ransomware Telecommunications DNS Hacking

Security Affairs newsletter Round 349

Security Affairs

JANUARY 16, 2022

Threat actors stole $18.7M Threat actors stole $18.7M Threat actors stole $18.7M US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns.

Surveillance

Surveillance Ransomware Hacking Malware

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft

Identity Theft Malware VPN Ransomware

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Software

Software VPN Internet Internet

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

WithSecure noticed overlaps between Kapeka and GreyEnergy and the Prestige ransomware attacks which are attributed to the Russia-linked Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Malware

Malware Ransomware Hacking Technology

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Mobile

Mobile Telecommunications Cyber Attacks Internet

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection WinRAR flaw enables remote code execution of arbitrary code #OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific Massive phishing campaign targets users of the Zimbra Collaboration email server (..)

Cybercrime

Cybercrime Hacking Malware Phishing

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). We attribute this attack to #Sandworm.

Telecommunications

Telecommunications Malware Hacking Technology

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Telecommunications

Telecommunications Authentication Data collection Passwords

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Malware

Malware Firmware Architecture Firewall

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Telecommunications

Telecommunications Hacking Technology Internet

Security Affairs newsletter Round 233

Security Affairs

SEPTEMBER 29, 2019

Campbell County Memorial Hospital in Wyoming hit by ransomware attack. Emsisoft releases a free decryptor for the WannaCryFake ransomware. Study shows connections between 2000 malware samples used by Russian APT groups. Emsisoft released a new free decryption tool for the Avest ransomware. The Dumb-Proof Guide.

Data breaches

Data breaches Malware Advertising Ransomware

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Telecommunications

Telecommunications Malware Hacking Technology

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

FROZENLAKE, aka Sandworm , has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. .” reads the report published by the Google TAG.

Phishing

Phishing Education Accountability Telecommunications

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

VPN

VPN Accountability Education Cyber Attacks

Russia-linked Sandworm continues to conduct attacks against Ukraine

Security Affairs

MAY 21, 2022

Security experts from ESET reported that the Russia-linked cyberespionage group Sandworm continues to launch cyber attacks against entities in Ukraine. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Malware

Malware Government Cyber Attacks Hacking

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

APRIL 12, 2022

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Firmware

Firmware Malware Cybersecurity Hacking

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops Blink. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Malware

Malware Telecommunications DNS Hacking

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about the Cyclops Blink bot that has been linked to the Russian-backed Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

IoT

IoT Firewall Malware Internet

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Energy and Utilities

Energy and Utilities Media Hacking Technology

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

.” In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group.

Malware

Malware Government Firmware Firewall

Best SIEM Tools & Software for 2022

eSecurity Planet

AUGUST 15, 2022

Company Product Est HQ Fortinet FortiSIEM 2000 Sunnyvale, CA LogPoint LogPoint SIEM 2001 Copenhagen, Denmark Micro Focus ArcSight Enterprise Security Manager 1976 London, UK Rapid7 Rapid7 SIEM 2000 Boston, MA Trellix SecOps and Analytics 2022 Milpitas, CA. Fortinet FortiSIEM. Elastic Features. RSA NetWitness Features.

Software

Software Small Business Marketing Firewall

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. Welcome to the Hacker Mind, an original podcast from ForAllSecure. So, site going down. Vamosi: Think about that.

Healthcare

Healthcare Hacking InfoSec Software

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. Welcome to the Hacker Mind, an original podcast from ForAllSecure. So, site going down. Vamosi: Think about that.

Healthcare

Healthcare Hacking InfoSec Software

EP 49: LoL

ForAllSecure

JUNE 21, 2022

Kyle Hanslovan CEO of Huntress Labs joins The Hacker Mind to discuss recent LoL attacks, specifically the Microsoft Follina attack and the Kaseya ransomware attack, and how important it is for small and medium sized businesses to start using enterprise grade security, given the evolving nature of these attacks. I'm Robert Vamosi.

Ransomware

Ransomware Marketing Software Antivirus

LockBit is back and threatens to target more government organizations

Security Affairs

FEBRUARY 25, 2024

Last week, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Government

Government Hacking Cryptocurrency Penetration Testing

Cyber Security Informer

Romanian energy supplier Electrica Group is facing a ransomware attack

Study shows connections between 2000 malware samples used by Russian APT groups

Trending Sources

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs newsletter Round 349

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

US and UK link new Cyclops Blink malware to Russian state hackers?

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs newsletter Round 233

Sandworm APT group hit Ukrainian news agency with five data wipers

Google TAG warns of Russia-linked APT groups targeting Ukraine

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Russia-linked Sandworm continues to conduct attacks against Ukraine

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Russia-linked Cyclops Blink botnet targeting ASUS routers

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

US dismantled the Russia-linked Cyclops Blink botnet

Best SIEM Tools & Software for 2022

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

EP 49: LoL

LockBit is back and threatens to target more government organizations

Stay Connected