Russia's APT28 uses fear of nuclear war to spread Follina docs in Ukraine
Threat actors associated with Russian intelligence are using the fear or nuclear war to spread data-stealing malware in Ukraine.
Russian Cyberattack Hits Wales-Ukraine Football Broadcast
The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV...
Russia’s Sandworm hackers attempted a third blackout in Ukraine
The attack was the first in five years to use Sandworm's Industroyer malware.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
Phishing attacks target countries aiding Ukrainian refugees
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
Ukrainian Researcher Leaks Conti Ransomware Gang Data
A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the
Crypto Donations to Ukraine Jumps to $20M
FTX’s Sam Bankman-Fried, Chain.com CEO Deepak Thapliyal made significant donations to the humanitarian effort.
2022 Russia-Ukraine war — Cyber group tracker
A tracker to collate cyber groups engaged in cyber activities during the Russia-Ukraine war 2022.
Hacktivists Plot Attacks on Russia With Ukraine Government's Urging
Hackers are coming to Ukraine’s aid in an effort to target Russian government websites and officials with disruptive counterattacks, according to six people involved in the activity.
Ukraine links phishing targeting military to Belarusian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.
New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica
DDoS temporarily take out sites as Ukraine stares down Russian soldiers at its border.
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
This ICS/OT attack represents the latest evolution in Russia's cyber physical attack capability.
Des pirates informatiques russes ont publié un document sensible de la Confédération
Des pirates informatiques russes ont publié un document interne de la Confédération concernant une possible livraison indirecte de chars Piranha à l'Ukraine. Le Secrétariat d'Etat à l'économie (Seco) a confirmé l'authenticité du document à Keystone-ATS.
Russia's APT28 uses fear of nuclear war to spread Follina docs in Ukraine
Threat actors associated with Russian intelligence are using the fear or nuclear war to spread data-stealing malware in Ukraine.
Russian Cyberattack Hits Wales-Ukraine Football Broadcast
The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV...
Russia’s Sandworm hackers attempted a third blackout in Ukraine
The attack was the first in five years to use Sandworm's Industroyer malware.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
Phishing attacks target countries aiding Ukrainian refugees
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
Ukrainian Researcher Leaks Conti Ransomware Gang Data
A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the
Crypto Donations to Ukraine Jumps to $20M
FTX’s Sam Bankman-Fried, Chain.com CEO Deepak Thapliyal made significant donations to the humanitarian effort.
2022 Russia-Ukraine war — Cyber group tracker
A tracker to collate cyber groups engaged in cyber activities during the Russia-Ukraine war 2022.
Hacktivists Plot Attacks on Russia With Ukraine Government's Urging
Hackers are coming to Ukraine’s aid in an effort to target Russian government websites and officials with disruptive counterattacks, according to six people involved in the activity.
Ukraine links phishing targeting military to Belarusian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.
New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica
DDoS temporarily take out sites as Ukraine stares down Russian soldiers at its border.
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities | Recorded Future
Recorded Future's Insikt Group, in partnership with Ukraine's Computer Emergency Response Team (CERT-UA), has uncovered a campaign targeting high-profile entities in Ukraine that was cross-correlated with a spearphishing campaign uncovered by Recorded Future’s Network Traffic Intelligence. The campaign leveraged news about Russia’s war against Ukraine to encourage recipients to open emails, which immediately compromised vulnerable Roundcube servers (an open-source webmail software), using CVE-2020-35730, without engaging with the attachment. We found that the campaign overlaps with historic BlueDelta activity exploiting the Microsoft Outlook zero-day vulnerability CVE-2023-23397 in 2022.
Meet the hacker armies on Ukraine's cyber front line
How links between ‘hacktivists’ and official military are becoming blurred on both sides in the war.
From Discord to 4chan: The Improbable Journey of a US Intelligence Leak - bellingcat
In recent days, the US Justice Department and Pentagon have begun investigating an apparent online leak of sensitive documents, including some that were marked “Top Secret”. A portion of the documents, which have since been widely covered by the news media, focused on Russia’s invasion of Ukraine, while others detailed analysis of potential UK policies on the South China Sea and the activities of a Houthi figure in Yemen. The existence of the documents was first reported by the New York Times after a number of Russian Telegram channels shared five photographed files relating to the invasion of Ukraine on April 5 – at least one of which has since been found by Bellingcat to be crudely edited.
The Cyber Defense Assistance Imperative – Lessons from Ukraine
Russia’s further invasion of Ukraine in February 2022 was a watershed moment, and unique in that a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country. Leaders will draw lessons from this conflict for years, but one is already clear: the ability to deliver cyber defense assistance must be a key national security capability.