Russian cyber espionage

From The Hacker News – CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links pointing to legitimate

shaikh Saqib April 4, 2025

Vulnerabilities

From Cybersecurity Help – Russian Gamaredon APT targeting Ukraine with malicious LNK files in new Remcos campaign

The malicious LNK files are disguised as legitimate files, with filenames using Russian terms related to military movements in Ukraine. Read More

Samir K March 31, 2025

News

From Dark Reading – Ukraine Defense Sector Under Attack Via Dark Crystal RAT

The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan. Read More

shaikh Saqib March 20, 2025

News

From The Hacker News – CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual representatives of the Defense Forces of Ukraine. The activity involves

shaikh Saqib March 20, 2025

News

From The Hacker News – Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a "strong resemblance" to Awaken Likho (aka Core Werewolf, GamaCopy, and

shaikh Saqib February 28, 2025

News

From Security Week – In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool

[[{"value":"Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool. The post…

shaikh Saqib February 14, 2025

Vulnerabilities

From Cybersecurity Help – UAC-0006 returns with SmokeLoader targeting Ukraine’s largest state-owned bank

The campaign involves password-protected archives containing malicious JavaScript, VBScript, and LNK files. Read More

shaikh Saqib February 6, 2025