Cyber warfare – TFun dot org

APT28 relies on PowerPoint Mouseover to deliver Graphite malware

28/09/2022RedOne

The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported. Cluster25 researchers were analyzing a lure PowerPoint document used to deliver a variant of Graphite malware, which is known to be used […]

Mandiant identifies 3 hacktivist groups working in support of Russia

27/09/2022RedOne

Researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the GRU. Mandiant researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the Russian Main Intelligence Directorate (GRU). The experts assess with moderate confidence that moderators of the […]

Russia prepares massive cyberattacks on the critical infrastructure of Ukraine and its allies

26/09/2022RedOne

The Ukrainian military intelligence warns that Russia is planning to escalate cyberattacks targeting Ukraine and Western allies. The Main Directorate of Intelligence of the Ministry of Defence of Ukraine (HUR MO) warns that Russia is planning to escalate cyberattacks targeting the critical infrastructure of Ukraine and western countries. According to the Ukrainian military intelligence service, […]

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

20/09/2022RedOne

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops […]

Montenegro and its allies are working to recover from the massive cyber attack

13/09/2022RedOne

A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow. A massive cyberattack hit Montenegro, the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical […]

Albania was hit by a new cyberattack and blames Iran

11/09/2022RedOne

Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. “The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, […]

Iran-linked APT42 is behind over 30 espionage attacks

11/09/2022RedOne

Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents. Experts attribute over 30 cyber espionage attacks against activists and dissidents to the Iran-linked APT42 (formerly UNC788). The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against […]

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

09/09/2022RedOne

The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the Albania cyberattack. The U.S. Treasury Department announced sanctions against Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the cyber attack that hit Albania in July. MOIS is the primary intelligence […]

North Korea-linked Lazarus APT targets energy providers around the world

08/09/2022RedOne

North Korea-linked Lazarus APT group is targeting energy providers around the world, including organizations in the US, Canada, and Japan. Talos researchers tracked a campaign, orchestrated by North Korea-linked Lazarus APT group, aimed at energy providers around the world, including organizations in the US, Canada, and Japan. The campaign was observed between February and July 2022. The attacks […]

Albania interrupted diplomatic ties with Iran over the mid-July attack

08/09/2022RedOne

Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the mid-July attack. Albanian Prime Minister Edi Rama announced that Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the massive cyber attack that hit the country in mid-July. The cyberattack hit the servers of the National Agency […]