The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning that cyber actors affiliated with the Russian military are targeting critical infrastructure, government services, financial services, transportation systems, energy, and healthcare sectors of NATO
russia
Convicted Russian Cybercriminals Part of Prisoner Swap
It is heartwarming that 16 prisoners, including innocent ex-Marine Paul Whelan and Wall Street Journal reporter Evan Gershkovich, have been freed from their wrongful imprisonment in Russia in exchange for 24 convicted Russian prisoners. What is disturbing is that innocent individuals wrongfully convicted are being used to bargain for convicted individuals, including cybercriminals.
Krebs on…
Privacy Tip #408 – Russian Cybercriminals Get 69% of Ransom Payments
Anecdotally, we know that cybercriminals hailing from Russia are a significant risk to U.S.-based and world companies and governmental entities. With two convicted Russian cybercriminals being released this week in the prisoner swap, I was curious just how significant a role Russian cybercriminals play in cybercrime chaos.
According to Bleeping Computer, “Russian-speaking threat actors accounted…
Commerce Department Bans Kaspersky Software in US
In the Biden Administration’s continuing effort to reduce the risk of cybersecurity spyware from foreign adversaries, including Russia, the United States Department of Commerce (Commerce) issued a final rule (Rule) on June 16, 2023, entitled “Protecting Americans’ Sensitive Data from Foreign Adversaries” and also amended a previously issued rule (“Securing the Information and Communications Technology…
CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in North America and Europe on mitigation techniques for cyber operations to prevent a compromise of industrial control systems, including “Water and…
New Threat: Scattered Spider International Coalition of Hackers
Cyber adversaries in China and Russia continue to be a formidable threat to U.S.-based companies. In the past, scams might be detected because a word was misspelled or the context didn’t make sense. Now, with the help of young Western hackers, cyber adversaries in Russia will be able to use insider knowledge of language…
Boeing Hit with LockBit Ransomware
Boeing has confirmed that its parts and distribution site has been attacked by LockBit ransomware, which is believed to be Russian based. Boeing has said that the attack has not affected flight safety. Boeing is investigating the attack.
LockBit publicly claimed responsibility for the attack and boasted that it had stolen “sensitive data” from Boeing…
Clop Claims Zero-Day Attacks Against 130 Organizations
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing data from those organizations. The vulnerability is CVE-2023-0669, which allows attackers to achieve remote code execution.
The manufacturer of GoAnywhere MFT notified…
Killnet Takes Credit for Disabling State Websites
Killnet, a Russian-speaking hacking group that emerged shortly after Russia invaded Ukraine, took responsibility last week for deploying a denial-of-service attack that temporarily took several U.S. states’ websites offline.
Although reported as unsophisticated, the attacks managed to affect the websites of Colorado, Connecticut, Kentucky, and Mississippi. The group’s goal is reportedly to disrupt U.S. state…
Hackers Caused a Traffic Jam in Moscow
Hackers caused a massive traffic jam in Moscow by exploiting the ride-sharing app Yandex Taxi and using it to summon dozens of taxis to a single location. While Yandex has not confirmed the attacker’s identity, the hacktivist group Anonymous claimed responsibility on Twitter. The group has been actively taking aim at Russian targets in response…