Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing 91

Phishing Education Accountability Telecommunications 91

Bleeping Computer

JULY 19, 2022

Google's Threat Analysis Group (TAG), whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations. [.].

DDOS 99

DDOS 99

Heimadal Security

MARCH 31, 2022

According to the Google Threat Analysis Group (TAG), a great number of threat actors are currently exploiting the event of the Russian invasion in Ukraine to launch phishing and malware cyberattacks against Eastern European and NATO countries. The cyberattacks also target Ukraine.

Phishing 109

Phishing Government Malware Cybersecurity 109

Heimadal Security

FEBRUARY 21, 2023

According to a new report released by Google’s Threat Analysis Group (TAG) and Mandiant, Russia’s cyber attacks against Ukraine increased by 250% in 2022. The company said it observed […] The post Google Confirms Increase In Russian Cyber Attacks Against Ukraine appeared first on Heimdal Security Blog.

Cyber Attacks 96

Cyber Attacks Media Government Cybersecurity 96

The Hacker News

MARCH 18, 2022

Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations.

Ransomware 110

Ransomware 110

CyberSecurity Insiders

NOVEMBER 21, 2022

In December 2021, Google’s Threat Analysis Group (TAG) discovered the intense activities being conducted by Glupteba Botnet on the internet and filed a lawsuit in a district court of New York. Google won the lawsuit against two Russian nationals who were found guilty in operating the said botnet network.

IoT 128

IoT Cryptocurrency Internet Internet 128

Heimadal Security

AUGUST 2, 2021

In July 2020, a joint advisory was published that revealed a Russian espionage campaign named APT29 or Cozy Bear, seen also as an extension of SVR (Russia’s Foreign Intelligence Services). Presidency accused Russian […].

Malware 105

Malware Cybersecurity 105

Security Affairs

APRIL 3, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Apr 02 – Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church. Apr 02 – Ukraine intelligence leaks names of 620 alleged Russian FSB agents.

DDOS 98

DDOS Hacking Mobile Internet 98

Security Affairs

MARCH 13, 2022

March 12 – Russian Internet watchdog Roskomnadzor is going to ban Instagram. Russian Internet watchdog Roskomnadzor is going to ban Instagram in Russia to prevent the spreading of info related to the Ukraine invasion. March 11 – Anonymous hacked Roskomnadzor agency revealing Russian disinformation. Is it fake news?

Hacking 90

Hacking DDOS Phishing Malware 90

Security Affairs

MARCH 9, 2022

The campaign took place in February and Google Threat Analysis Group (TAG) team was not able to link it to the ongoing invasion of Ukraine. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. government.

Government 93

Government Phishing DDOS Hacking 93

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S. Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 97

Spyware Cyber Insurance Hacking Advertising 97

Security Affairs

AUGUST 7, 2020

Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report , a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. response to COVID-19.

Accountability 97

Accountability Advertising Media Government 97

Heimadal Security

OCTOBER 21, 2021

According to Google, YouTube influencers have been targeted with password-stealing malware in a phishing campaign allegedly conducted by Russian-speaking cybercriminals. The post Russian Threat Actors Tempt YouTubers with Bogus Paid Collaborations to Hijack their Accounts appeared first on Heimdal Security Blog.

Accountability 80

Accountability Phishing Passwords Malware 80

Security Affairs

SEPTEMBER 8, 2022

Researchers from Google’s Threat Analysis Group (TAG) reported that some former members of the Conti cybercrime group were involved in five different campaigns targeting Ukraine between April and August 2022. ” reads the TAG’s report. ” concludes TAG.

Ransomware 128

Ransomware Cybercrime Government Media 128

CyberSecurity Insiders

AUGUST 18, 2022

Lithuania and Estonia are two new nations that intended to join NATO as soon as the Russian war with Kyiv started in February this year. As both the nations are supporting Ukraine by supplying essential commodities to innocent civilians, Putin has tagged both the nations as adversaries to Russian Federation from April this year.

Cyber Attacks 106

Cyber Attacks Digital transformation DDOS Hacking 106

Security Affairs

MARCH 19, 2022

Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation.

Cybercrime 88

Cybercrime Social Engineering Ransomware Engineering 88

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. According to Google’s Threat Analysis Group (TAG) researchers, who spotted the campaign, the attacks were launched by multiple hack-for-hire actors recruited on Russian-speaking forums.

Accountability 128

Accountability Malware Phishing Social Engineering 128

Security Affairs

MARCH 31, 2022

The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. “ However, for the first time, TAG has observed COLDRIVER campaigns targeting the military of multiple Eastern European countries, as well as a NATO Centre of Excellence.” In one case observed by the TAG team.

Phishing 79

Phishing Accountability Government Hacking 79

Security Affairs

OCTOBER 25, 2023

Russian APT group Winter Vivern (aka TA473) has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023. The analysis of the email HTML source code revealed the presence of a SVG tag at the end, which contains a base64-encoded payload. The messages were sent from team.managment@outlook[.]com

Software 114

Software Government Phishing Internet 114

Security Affairs

MARCH 20, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine ’s government for intelligence purposes. The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. March 16 – Hacker breaches key Russian ministry in blink of an eye.

Government 88

Government Antivirus Hacking Software 88

Security Affairs

OCTOBER 14, 2021

The data were provided by Google’s Threat Analysis Group (TAG), which tracks government-backed hacking campaign, which warns of a significant increase in the number of the alert compared to the previous year. This spike is largely due to blocking an unusually large campaign from a Russian actor known as APT28 or Fancy Bear.”

Phishing 88

Phishing Hacking Government VPN 88

Security Affairs

JANUARY 18, 2024

The ColdRiver APT (aka “ Seaborgium “, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and think tanks since at least 2015. In November 2022, TAG spotted COLDRIVER sending targets benign PDF documents from impersonation accounts.

Phishing 96

Phishing Malware Encryption Accountability 96

SecureWorld News

FEBRUARY 25, 2022

Following Russian President Vladimir Putin's decision to invade Ukraine, the cybersecurity community is banding together to provide any relief it can to the citizens of Ukraine. We want the Russian people to understand that we know it's hard for them to speak out against their dictator for fear of reprisals. February 24, 2022.

Government 72

Government Hacking Cybersecurity Technology 72

CyberSecurity Insiders

APRIL 26, 2022

UK’s Ministry of Defense (MoD) has released a press statement that few of its servers might have been compromised by hackers believed to be working for the Russian government. News is out that the activity was conducted in January this year when a Russian agent infiltrated a database belonging to MoD and stole critical information.

Hacking 87

Hacking Data breaches Government Cybersecurity 87

Krebs on Security

NOVEMBER 28, 2022

Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh , which claims to be based in the United States. “Pushwoosh never mentioned it was Russian-based in eight annual filings in the U.S. regulatory filings present it as a U.S.

Mobile 231

Mobile Malware Technology Government 231

Security Affairs

JANUARY 9, 2023

In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine. “Despite the absence of technical evidence associating Calisto activities with a known Russian cyber offensive service, SEKOIA.IO “The digital blitz against the U.S.

Phishing 82

Phishing Hacking Cybersecurity Passwords 82

Security Affairs

JANUARY 21, 2024

CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082 The Quantum Computing Cryptopocalypse – I’ll Know It When I See It Kansas State University suffered a serious cybersecurity incident CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog Google TAG warns that Russian COLDRIVER APT is using a custom backdoor (..)

Artificial Intelligence 99

Artificial Intelligence VPN Hacking Firewall 99

CyberSecurity Insiders

DECEMBER 9, 2021

Google has made an official announcement that it has filed a lawsuit against a blockchain on botnet operators to pressurize Russian government to take stringent action against cyber criminals operating from its region.

Cryptocurrency 105

Cryptocurrency Government Internet Internet 105

CyberSecurity Insiders

MARCH 21, 2022

The top news that is trending on Google is related to a cyber-attack campaign that targeted about 21 natural gas suppliers in the United States, just a few days before the Russian invasion of Ukraine. Now, the suspicion finger is pointing towards a Russian state-funded hackers group.

Ransomware 119

Ransomware Cyber Attacks Hacking Manufacturing 119

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Small Business 84

Small Business Spyware Data breaches Surveillance 84

Security Affairs

NOVEMBER 21, 2022

Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. ” The IT giant won a lawsuit filed against two Russian nationals involved in the operations of the botnet, the court’s ruling sets an important legal precedent in the fight against cybercrime. ” The U.S.

Cybercrime 94

Cybercrime IoT Cryptocurrency Malware 94

Security Affairs

APRIL 3, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

Firewall 83

Firewall Hacking DDOS VPN 83

Krebs on Security

JULY 25, 2023

Spur.us , a startup that tracks proxy services, told KrebsOnSecurity that the Internet addresses Lumen tagged as the AVrecon botnet’s “Command and Control” (C2) servers all tie back to a long-running proxy service called SocksEscort. Page translation from Russian via Google Translate. SocksEscort[.]com

Malware 196

Malware VPN Internet Internet 196

Security Affairs

OCTOBER 8, 2021

Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . TAG sent a above average batch of government-backed security warnings yesterday. Most of APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Phishing 97

Phishing Government Hacking Accountability 97

Security Affairs

MAY 7, 2020

Researchers from Cybaze-Yoroi ZLab monitored the evolution and the diffusion of an infostealer dubbed Poulight that most likely has a Russian origin. Over the last two months, we monitored the evolution and the diffusion of an infostealer dubbed by the authors Poulight that most likely has a Russian origin. Introduction.

Malware 101

Malware Advertising Cybercrime Internet 101

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 82

Malware Cybercrime Cryptocurrency Social Engineering 82

Security Affairs

MARCH 13, 2022

Is it fake news?

Data breaches 90

Data breaches Firmware Hacking Ransomware 90