Security Affairs

MAY 23, 2022

Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. The researchers investigated the TURLA’s infrastructures starting from the domains in the TAG report: wkoinfo.webredirect[.]org Researchers from SEKOIA.IO org jadlactnato.webredirect[.]org.

Government 116

Government Hacking Cybersecurity Information Security 116

Security Affairs

JUNE 6, 2022

The actors are positioning themselves as an elite cyber offensive group targeting NATO infrastructure and performing cyberespionage to steal sensitive data. Prior to that, “Cyber Spetsnaz” members have been distributing domains assigned to the NATO infrastructure, by doing so they could plan an effective attack.

Government 139

Government DDOS Cyber Attacks Hacking 139

Security Affairs

OCTOBER 25, 2023

In March 2023, security firm Proofpoint observed the group actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. The messages were sent from team.managment@outlook[.]com ” reads the analysis published by ESET.

Software 113

Software Government Phishing Internet 113

Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing 87

Phishing Education Accountability Telecommunications 87

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Spyware 90

Spyware Hacking Data breaches Mobile 90

Security Affairs

JANUARY 9, 2023

In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. The researchers uncovered a phishing campaign conducted by the COLDRIVER (aka Calisto ) APT against a NATO Centre of Excellence and Eastern European militaries.

Phishing 77

Phishing Hacking Cybersecurity Passwords 77

Security Affairs

APRIL 3, 2022

Mar 31 – Google TAG details cyber activity with regard to the invasion of Ukraine. The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group.

DDOS 98

DDOS Hacking Mobile Internet 98

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Small Business 79

Small Business Spyware Data breaches Surveillance 79

Security Boulevard

APRIL 17, 2023

According to the Apache documentation, users must insert all IP filters inside the "<RequireAll>" tag (7). However, this tag was missing in the configuration used by threat actor. Additionally, they are expected to increasingly target NATO partners due to NATO's support of Ukraine during the Russian war.

Phishing 84

Phishing Social Engineering Malware Government 84

Security Affairs

JANUARY 18, 2024

The APT primarily targets NATO countries, but experts also observed campaigns targeting the Baltics, Nordics, and Eastern Europe regions, including Ukraine. Google TAG researchers warn that COLDRIVER is evolving tactics, techniques and procedures (TTPs), to improve its detection evasion capabilities. ” reads TAG’s analysis.

Phishing 94

Phishing Malware Encryption Accountability 94

Security Affairs

OCTOBER 5, 2023

In mid-September, researchers from the Citizen Lab and Google’s Threat Analysis Group (TAG) revealed that the three Apple zero-days (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) addressed in the same period were used as part of an exploit to install Cytrox Predator spyware.

Mobile 129

Mobile Marketing Spyware Surveillance 129

Malwarebytes

APRIL 6, 2021

It was also found in a NATO-themed campaign targeting Ukraine. Sample result: API calls tagged with TinyTracer. For example, we found a COVID19-themed campaign targeting Georgia , where the malicious LNK file was accompanied with a malicious document , and a decoy PDF. Both droppers leaded to Saint Bot instances [ 1 ] [ 2 ].

Malware 118

Malware Phishing Passwords Architecture 118

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 85

Spyware Surveillance Artificial Intelligence Data breaches 85