Tag PowerShell

Russia Utilized Acquired Spyware to Target Ukrainian Forces

Secret Blizzard Utilizes Third-Party Amadey Bots to Compromise Ukrainian Military Devices

Jayant Chakravarti (@JayJay_Tech) • December 12, 2024

A state-sponsored hacking group from Russia, identified as Center 16…


Russia Pursues Unconventional Method to Compromise Starlink-Connected Devices in Ukraine

Microsoft has reported on a sophisticated cyber operation attributed to the group known as Secret Blizzard, which has utilized the Amadey malware to execute targeted attacks against specific entities. The nature of the attacks suggests that Secret Blizzard either employed Amadey as a malware-as-a-service or engaged with its command-and-control panels…


Researchers Reveal Prolonged Cyber Espionage Targeting Foreign Embassies in Belarus

In a troubling revelation, the cyber espionage group codenamed MoustachedBouncer, which has remained undocumented until now, has been linked to a series of attacks targeting foreign embassies in Belarus. ESET security researcher Matthieu Faou notes that this group has likely been active since 2014 and has continuously improved its techniques,…


ANY.RUN Uncovers Deceptive Phishing Scheme Leveraging Fake CAPTCHA

Phishing Attack Uncovered Using Fake CAPTCHA to Execute Malicious Scripts

In a recent security analysis by ANY.RUN, an interactive malware analysis platform, a sophisticated phishing campaign has been identified that utilizes deceptive fake CAPTCHA prompts to lure victims into executing harmful scripts on their systems. This evolving threat exemplifies the…


North Korean Hackers Collaborate with Play Ransomware in Worldwide Cyber Assault

North Korean State-Sponsored Group Partners with Ransomware Actors in Recent Cyberattack

A recent report from Palo Alto Networks’ Unit 42 highlights alarming developments in the cybersecurity landscape, revealing a collaboration between the North Korean state-sponsored threat group known as Jumpy Pisces and the financially motivated Play ransomware group. This incident…


FlyingYeti Leverages WinRAR Vulnerability to Deploy COOKBOX Malware in Ukraine

Cloudflare Disrupts Phishing Campaign Targeting Ukrainian Entities

On Thursday, Cloudflare announced that it has taken measures to disrupt an extensive phishing campaign that has been ongoing for a month. This operation is attributed to a Russia-aligned threat actor known as FlyingYeti, which has specifically targeted Ukraine amidst ongoing tensions in…


Active Attacks Targeting OS Command Injection Vulnerability in Oracle WebLogic Server

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Thursday the inclusion of a significant security vulnerability associated with the Oracle WebLogic Server in its Known Exploited Vulnerabilities (KEV) catalog. This action follows compelling evidence that the flaw is actively being exploited in the wild, raising concerns for organizations…


MuddyC2Go: Iranian Hackers Deploy New C2 Framework Targeting Israel

Recent cybersecurity investigations reveal that Iranian state-sponsored actors have employed a novel command-and-control (C2) framework identified as MuddyC2Go. This development is part of ongoing cyber assaults directed at Israel, heightening concerns regarding the threat landscape in the region. Security researcher Simon Kenin from Deep Instinct outlined in a report released…


Russian Cyber Espionage Group Unleashes LitterDrifter USB Worm in Coordinated Attacks

Russian state-sponsored cyber espionage activities have recently come under scrutiny as actors associated with the Federal Security Service (FSB) deploy a new malware variant known as LitterDrifter. This USB worm has been specifically used to breach defenses of various entities within Ukraine, raising significant alert levels among cybersecurity experts. Check…
