Cyber Warfare

New CosmicEnergy ICS malware threatens energy grid assets

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS).  Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. The malicious code was first uploaded to a public malware scanning service in December 2021 by […]

The post New CosmicEnergy ICS malware threatens energy grid assets appeared first on Security Affairs.

May 26, 2023
0 comment
Read More >>

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

The US Department of the Treasury sanctioned four entities and one individual for their role in cyber operations conducted by North Korea. The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of […]

The post The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea appeared first on Security Affairs.

May 24, 2023
0 comment
Read More >>

Ukraine’s CERT-UA warns of espionage activity conducted by UAC-0063

The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a cyberespionage campaign targeting state bodies in the country. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign conducted by a threat actor tracked as UAC-0063. The nation-state actor […]

The post Ukraine’s CERT-UA warns of espionage activity conducted by UAC-0063 appeared first on Security Affairs.

May 24, 2023
0 comment
Read More >>

Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) announced that Ukraine, Ireland, Japan and Iceland joined the organization. The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a multinational organization established to enhance cyber defence capabilities and promote cooperation among NATO member countries and partner nations. “On its 15th anniversary, the NATO Cooperative Cyber […]

The post Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) appeared first on Security Affairs.

May 18, 2023
0 comment
Read More >>

President Zelensky imposes sanctions against the Russian IT sector

Ukraine’s President Zelensky and the country’s Council of National Security introduced new sanctions against individuals and businesses. Ukraine’s President Volodymyr Zelensky and the country’s Council of National Security introduced new sanctions against 351 Russian individuals and 241 business entities. The list of sanctioned entities comprises IT companies operating within the Russian Federation, notably Gazpromneft IT […]

The post President Zelensky imposes sanctions against the Russian IT sector appeared first on Security Affairs.

May 16, 2023
0 comment
Read More >>

North Korea-linked APT breached the Seoul National University Hospital

The Korean National Police Agency (KNPA) warns that a North Korea-linked APT group had breached the Seoul National University Hospital (SNUH). The Korean National Police Agency (KNPA) revealed that a North Korea-linked APT group has breached one of the largest hospitals in the country, the Seoul National University Hospital (SNUH). The security breach took place […]

The post North Korea-linked APT breached the Seoul National University Hospital appeared first on Security Affairs.

May 11, 2023
0 comment
Read More >>

DownEx cyberespionage operation targets Central Asia

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia. In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain of malware dubbed DownEx. Later the researchers detected another attack in Afghanistan that allowed them to […]

The post DownEx cyberespionage operation targets Central Asia appeared first on Security Affairs.

May 10, 2023
0 comment
Read More >>

US disrupts Russia-linked Snake implant’s network

The US government announced to have disrupted the peer-to-peer (P2P) network of computers compromised by the Snake malware. The Snake implant is one of the most sophisticated implants used by Russia-linked threat actors for cyberespionage purposes. The malware has been designed and used by Center 16 of Russia’s Federal Security Service (FSB) in cyber espionage […]

The post US disrupts Russia-linked Snake implant’s network appeared first on Security Affairs.

May 10, 2023
0 comment
Read More >>

Iran-linked APT groups started exploiting Papercut flaw

Microsoft warns of Iran-linked APT groups that are targeting vulnerable PaperCut MF/NG print management servers. Microsoft warns that Iran-linked APT groups have been observed exploiting the CVE-2023-27350 flaw in attacks against PaperCut MF/NG print management servers. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access Control Vulnerability. PaperCut MF/NG contains an improper access control vulnerability within the […]

The post Iran-linked APT groups started exploiting Papercut flaw appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against the Ukraine public sector. Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns. The Sandworm group (aka BlackEnergy, UAC-0082, Iron Viking, Voodoo Bear, and TeleBots) has been active since 2000, it operates under the control […]

The post Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>