JetBrains Vulnerability Exploited by CozyBear Hackers

A vulnerability from early March 2023 exploited in real-world attacks by CozyBear TA

JetBrain’s TeamCity servers became a target to a Russian-backed attacker CozyBear. Using a vulnerability discovered back in March 2023, hackers were able to execute arbitrary code without any authorization. TeamCity Vulnerability Exploited by CozyBear JetBrains TeamCity servers, a crucial solution in the software development lifecycle, have recently been targeted in a cyberattack similar to the… Continue reading JetBrains Vulnerability Exploited by CozyBear Hackers

Kyivstar, Ukraine’s Biggest Cell Carrier, Hacked

Hackers managed to destroy all the software infrastructure

On Tuesday, December 12, 2023, Ukraine’s largest cellular operator Kyivstar got its network infrastructure ruined. This is a result of a hack that was most likely executed by a Russian threat actor. I considered delaying writing this post to gather more facts regarding the situation. On day 1, nothing but speculation and suppositions were available.… Continue reading Kyivstar, Ukraine’s Biggest Cell Carrier, Hacked

Outlook Vulnerability Exploited by Russian Hackers

Microsoft warns about the active usage of CVE-2023-23397 in attacks on Polish organizations

A vulnerability in Microsoft Outlook is under active exploitation – that is the worrying notification from Microsoft. World largest software developer warns about Russian state-sponsored hackers using this breach to perform cyberattacks. Despite the fix for the issue being released over 8 months ago, there is still a concerning amount of unpatched instances. Microsoft Outlook… Continue reading Outlook Vulnerability Exploited by Russian Hackers

The FBI Disrupted the Cyberspyware “Snake” that the Russian FSB Used for 20 Years

The US Federal Bureau of Investigation on Tuesday reported the disruption of a massive spying program by the Russian Federal Security Service (FSB) using cyberspyware codenamed “Snake”. This is stated in a press release from the US Department of Justice. Let me remind you that we also talked about the fact that Europe’s largest private… Continue reading The FBI Disrupted the Cyberspyware “Snake” that the Russian FSB Used for 20 Years

Companies Manage to Bargain With Ransomware Racketeers

Revelations of the Ransom-Negotiator In May, the racketeer-bargaining specialist (the negotiator) at a European production company had received an unexpected chat message from a malefactor who had hacked the specialist’s client. Ransom negotiations, aimed at lowering the demands of racketeers, are the realm totally dominated by lawyers, consulting, and information security companies who know the… Continue reading Companies Manage to Bargain With Ransomware Racketeers

The US Department of Justice Reports a Russian Botnet Dismantled

RSOCKS Russian Botnet Is No More as a Result of a Joint Operation According to the June 16 report by the US Department of Justice, the activity of a Russian botnet RSOCKS has been stopped in a joint operation by the US, German, Dutch, and British law enforcement agencies. RSOCKS is responsible for hacking millions… Continue reading The US Department of Justice Reports a Russian Botnet Dismantled

Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites

Ukrainian Computer Emergency Response Team (CERT-UA) said that Ukraine was hit by large-scale DDoS attacks. CERT-UA has published a report on ongoing DDoS attacks on Ukrainian websites and a government web portal. Unknown attackers compromise WordPress sites and inject malicious JavaScript code into the HTML structure. The script is base64 encoded to avoid detection like… Continue reading Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites

State Department Offers $1 million for Info on Russian Hackers

The US State Department has announced a reward amounting up to 10 million dollars for the information about six presumably Russian intelligence agents accused by the US authorities of involvement in the 2017 NotPetya virus hacker attacks. The announcement states that the reward is intended for anyone who can provide information to help identify and… Continue reading State Department Offers $1 million for Info on Russian Hackers

Shuckworm hackers attack Ukrainian organizations with new variant of Pteredo backdoor

Specialists from the cybersecurity company Symantec reported attacks by the cybercriminal group Shuckworm (Armageddon or Gamaredon) on Ukrainian organizations using a new version of the Pteredo (Pteranodon) custom backdoor. The group, linked by experts to Russia, has been carrying out cyber-espionage operations against Ukrainian government organizations since at least 2014. According to experts, the group… Continue reading Shuckworm hackers attack Ukrainian organizations with new variant of Pteredo backdoor

Microsoft discovered the WhisperGate wiper attacking Ukrainian users

Microsoft says it discovered a destructive attack on Ukrainian users using the WhisperGate wiper, which tried to impersonate a ransomware, but in fact did not provide victims with data recovery options. In fact, the detected threat is a classic wiper, that is, malware designed to deliberately destroy data on an infected host. WhisperGate wiper Such… Continue reading Microsoft discovered the WhisperGate wiper attacking Ukrainian users