Conti Shutsdown its Operations
The Conti ransomware operation has become toxic due to its affiliation with the Russian government. A high successful operation that helped cybercriminals make billions after each breach of major organizations.…
Cyclops Blink Malware Linked to Russia
US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group…
App With 5Million Downloads Malvertised
Android app with more than 500,000 downloads from Google Play has been caught hosting malware that surreptitiously sends users’ contacts to an C2 server and signs up users to pricey…
Posted inSecurity
CEELoader added to Nobelium Arsenal
Researchers have identified two distinct clusters of activity, tracked UNC3004 and UNC2652, that were associated with the Russia-linked Nobelium APT group (aka UNC2452). The NOBELIUM APT is the threat actor…
Ghostwriter 👻 APT
Threat Intelligence researchers believe that the Ghostwriter disinformation campaign (aka UNC1151) was linked to the government of Belarus. The campaign tracked as GhostWriter, has been ongoing since at least March…
Posted inCyberAttack cybersecurity Ransomware
REvil feels the Heat
Ransomware gang REvil has disappeared following pressure from the U.S. government on Russia to act on ransomware groups operating in the country. The REvil ransomware gang, also known as Sodinokibi,…
Posted inCloud cloudsecurity CyberAttack
Kubernetes Brute forced
An advisory has been released by NSA, FBI,CISA, NCSC warning about an ongoing global campaign using brute force techniques. Campaign links to the Russian government, particularly to Russia’s General Staff…
Posted inCyberAttack
Russia Spearphised Ukraine
Three Ukrainian cybersecurity agencies have warned last week of a “massive” spear-phishing operation carried out by Russian threat actors against the Ukrainian government and private sector. The spear-phishing operation posing…